urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
65.9.86.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://walla.co.il/
Effective URL: https://www.walla.co.il/
Submission: On December 25 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 119 IPs in 15 countries across 97 domains to perform 571 HTTP transactions. The main IP is 65.9.86.35, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 138484.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.239.168.26 16509 (AMAZON-02)
1 1 54.239.168.90 16509 (AMAZON-02)
45 65.9.86.35 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
20 18.66.192.14 16509 (AMAZON-02)
2 11 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.10 20446 (STACKPATH...)
2 2606:2800:234... 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a04:4e42::714 54113 (FASTLY)
9 17 2a02:6b8::1:119 208722 (GLOBAL_DC)
8 23.203.125.62 16625 (AKAMAI-AS)
5 35.174.222.86 14618 (AMAZON-AES)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
2 99.86.4.91 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.251.208.130 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 151.101.193.44 54113 (FASTLY)
1 104.244.42.8 13414 (TWITTER)
8 199.232.18.132 54113 (FASTLY)
5 14 185.89.211.12 29990 (ASN-APPNEX)
1 34.252.9.72 16509 (AMAZON-02)
4 52.16.92.165 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 23.35.236.201 16625 (AKAMAI-AS)
2 16 172.67.10.198 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
4 35.244.159.8 15169 (GOOGLE)
4 104.22.68.131 13335 (CLOUDFLAR...)
2 213.227.153.220 60781 (LEASEWEB-...)
4 185.86.139.96 201081 (SMARTADSE...)
4 2602:803:c003... 26667 (RUBICONPR...)
1 3.76.159.59 16509 (AMAZON-02)
1 216.52.2.48 32475 (SINGLEHOP...)
1 185.255.84.151 200271 (IGUANE-)
1 104.18.33.19 13335 (CLOUDFLAR...)
1 100.26.88.238 14618 (AMAZON-AES)
2 51.89.9.251 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638::24 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
10 70.42.32.159 13789 (INTERNAP-...)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 54.230.130.109 16509 (AMAZON-02)
46 2a00:1450:400... 15169 (GOOGLE)
2 32 2a00:1450:400... 15169 (GOOGLE)
44 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638::b 44788 (ASN-CRITE...)
2 2 2.18.79.139 20940 (AKAMAI-ASN1)
2 52.58.104.191 16509 (AMAZON-02)
2 8.2.110.114 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
3 141.226.228.48 200478 (TABOOLA-AS)
2 4 185.86.137.131 201081 (SMARTADSE...)
2 2 18.192.136.217 16509 (AMAZON-02)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
13 20 142.250.186.162 15169 (GOOGLE)
2 7 185.80.39.216 27381 (CASALE-MEDIA)
6 10 69.173.144.139 26667 (RUBICONPR...)
2 23.203.125.156 16625 (AKAMAI-AS)
2 23.35.237.56 16625 (AKAMAI-AS)
5 7 185.94.180.125 35220 (SPOTX-AMS)
5 5 18.156.0.31 16509 (AMAZON-02)
1 4 185.64.190.78 62713 (AS-PUBMATIC)
22 2a02:2638:1::3 44788 (ASN-CRITE...)
2 178.250.0.160 44788 (ASN-CRITE...)
1 213.202.235.10 24961 (MYLOC-AS ...)
10 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
2 23.35.236.188 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
2 172.64.151.162 13335 (CLOUDFLAR...)
2 23.64.52.128 16625 (AKAMAI-AS)
8 142.250.185.130 15169 (GOOGLE)
1 52.29.215.64 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a02:2638:1::8 44788 (ASN-CRITE...)
5 2a02:2638:1::17 44788 (ASN-CRITE...)
2 2 185.29.134.248 30419 (MEDIAMATH...)
16 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.182 1299 (TWELVE99 ...)
1 178.250.2.151 44788 (ASN-CRITE...)
2 4 54.239.33.159 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 54.154.216.185 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 35.204.74.118 396982 (GOOGLE-CL...)
5 35.71.131.137 16509 (AMAZON-02)
2 3 37.157.6.233 198622 (ADFORM)
2 4 52.51.214.106 16509 (AMAZON-02)
1 4 172.64.154.237 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3 52.46.151.131 16509 (AMAZON-02)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.126.34.117 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (AMOBEE)
6 6 52.212.89.6 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
4 2600:9000:214... 16509 (AMAZON-02)
12 2600:1f18:1ac... 14618 (AMAZON-AES)
5 198.47.127.20 3257 (GTT-BACKB...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 54.81.22.167 14618 (AMAZON-AES)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 185.86.137.132 201081 (SMARTADSE...)
1 2 54.84.251.28 14618 (AMAZON-AES)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 1 141.94.171.212 16276 (OVH)
3 3 54.93.177.113 16509 (AMAZON-02)
1 1 35.158.11.170 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.243 21859 (ZEN-ECN)
1 1 178.62.202.251 14061 (DIGITALOC...)
2 2 151.101.194.49 54113 (FASTLY)
1 1 35.214.223.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
2 2 213.19.147.45 26120 (RHYTHMONE)
1 5.161.47.120 213230 (HETZNER-C...)
1 64.95.96.108 32475 (SINGLEHOP...)
1 1 141.95.171.139 16276 (OVH)
1 1 141.94.170.64 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 185.89.210.180 29990 (ASN-APPNEX)
1 142.251.39.2 ()
571 119
1    54.239.168.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-168-26.kix56.r.cloudfront.net
walla.co.il
1    54.239.168.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-168-90.kix56.r.cloudfront.net
walla.co.il
45    65.9.86.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-35.ams1.r.cloudfront.net
www.walla.co.il
8    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
2    2600:9000:2057:2200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
20    18.66.192.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-14.muc50.r.cloudfront.net
images.wcdn.co.il
11    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:206f:800:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
17    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
mc.yandex.co.il
8    23.203.125.62 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-62.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
5    35.174.222.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-222-86.compute-1.amazonaws.com
ping.chartbeat.net
mabping.chartbeat.net
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:2057:2e00:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
2    99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net
dal.walla.co.il
4    2a00:1450:4001:813::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
1    142.251.208.130 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
8    199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
14    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    34.252.9.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-9-72.eu-west-1.compute.amazonaws.com
ledger.crowdad.io
4    52.16.92.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
khn.crowdad.io
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
16    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
4    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
2    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
4    185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
4    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    3.76.159.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-159-59.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    100.26.88.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-88-238.compute-1.amazonaws.com
hb.minutemedia-prebid.com
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
3    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
9    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    54.230.130.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-130-109.kix56.r.cloudfront.net
live.wcdn.co.il
46    2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
32    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
44    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2.18.79.139 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-139.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    52.58.104.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-104-191.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
3    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
4    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    18.192.136.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-136-217.eu-central-1.compute.amazonaws.com
ice.360yield.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
20    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    23.203.125.156 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-156.deploy.static.akamaitechnologies.com
images.outbrainimg.com
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
7    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
22    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
10    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    23.64.52.128 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-52-128.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
1    52.29.215.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-215-64.eu-central-1.compute.amazonaws.com
red.vtracy.de
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
5    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
16    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    54.154.216.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-216-185.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    52.51.214.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-214-106.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    2607:f8b0:400b:807::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    2a05:d018:d29:3605:e8cf:44d0:158e:aa91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.126.34.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-34-117.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
6    52.212.89.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-89-6.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a00:1450:400d:805::200e (Ireland)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1450:400e:8::6 (Ireland)

ASN15169 (GOOGLE, US)
r1---sn-5hneknee.gvt1.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2600:9000:214f:7200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
12    2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
5    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
image4.pubmatic.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    54.81.22.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-22-167.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    54.84.251.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-251-28.compute-1.amazonaws.com
a.audrte.com
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
3    54.93.177.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-177-113.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.158.11.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-11-170.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.95.171.139 (France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
1    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel-eu.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    142.251.39.2 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
86 googlesyndication.com
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
ade.googlesyndication.com
464 KB
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
pubads.g.doubleclick.net — Cisco Umbrella Rank: 404
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
349 KB
49 walla.co.il
walla.co.il — Cisco Umbrella Rank: 60001
www.walla.co.il — Cisco Umbrella Rank: 138484
dal.walla.co.il — Cisco Umbrella Rank: 164921
1 MB
46 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
694 KB
39 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
pix.eu.criteo.net — Cisco Umbrella Rank: 7930
csm.eu.criteo.net — Cisco Umbrella Rank: 8005
428 KB
32 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 481
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 852
simage4.pubmatic.com — Cisco Umbrella Rank: 1176
aud.pubmatic.com — Cisco Umbrella Rank: 4185
image4.pubmatic.com — Cisco Umbrella Rank: 824
127 KB
26 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1353
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3225
odb.outbrain.com — Cisco Umbrella Rank: 1545
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5613
mv.outbrain.com — Cisco Umbrella Rank: 3002
214 KB
22 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 102949
live.wcdn.co.il
229 KB
20 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 813
static.adsafeprotected.com — Cisco Umbrella Rank: 587
dt.adsafeprotected.com — Cisco Umbrella Rank: 543
196 KB
20 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 3712
prebid.smilewanted.com — Cisco Umbrella Rank: 5859
static.smilewanted.com — Cisco Umbrella Rank: 10038
35 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 576
secure.adnxs.com — Cisco Umbrella Rank: 414
50 KB
16 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
eus.rubiconproject.com — Cisco Umbrella Rank: 529
token.rubiconproject.com — Cisco Umbrella Rank: 563
24 KB
15 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 713
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173
ads.eu.criteo.com — Cisco Umbrella Rank: 7675
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12162
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9611
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
dis.criteo.com — Cisco Umbrella Rank: 658
112 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum.casalemedia.com — Cisco Umbrella Rank: 1324
10 KB
9 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1528
sync.smartadserver.com — Cisco Umbrella Rank: 1433
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
3 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
region1.google-analytics.com — Cisco Umbrella Rank: 2623
21 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
3 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9305
3 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
5 KB
7 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 562
4 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
307 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
1 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 crowdad.io
ledger.crowdad.io — Cisco Umbrella Rank: 103881
khn.crowdad.io — Cisco Umbrella Rank: 89790
247 B
5 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 937
trc.taboola.com — Cisco Umbrella Rank: 664
trc-events.taboola.com — Cisco Umbrella Rank: 1573
20 KB
5 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1227
mabping.chartbeat.net — Cisco Umbrella Rank: 5269
1002 B
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3663
73 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
349 KB
4 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4408
sync-eu.connectad.io — Cisco Umbrella Rank: 3213
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
233 B
4 openx.net
u.openx.net — Cisco Umbrella Rank: 653
us-u.openx.net — Cisco Umbrella Rank: 411
604 B
4 yandex.co.il
mc.yandex.co.il — Cisco Umbrella Rank: 403355
782 B
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 75010
122 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541
739 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
www.google.de — Cisco Umbrella Rank: 6041
1 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1884
mp.4dex.io — Cisco Umbrella Rank: 1980
25 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
196 KB
3 gstatic.com
www.gstatic.com
csi.gstatic.com
151 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 405
471 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 740
syndication.twitter.com — Cisco Umbrella Rank: 1034
133 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1412
mab.chartbeat.com — Cisco Umbrella Rank: 2280
26 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
747 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3040
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12965
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3765
626 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
1 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1899
1 KB
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 3151
r1---sn-5hneknee.gvt1.com
1 MB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
943 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
530 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1225
344 B
2 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2309
61 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1940
645 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 527
728 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4358
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 487
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 595
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
363 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 510
eb2.3lift.com — Cisco Umbrella Rank: 335
727 B
2 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 18451
7 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
462 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16075
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
283 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5627
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
279 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
226 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014
555 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838
104 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5650
322 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 518
511 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
611 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 639
589 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
705 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
610 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2401
382 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
5 KB
1 vtracy.de
red.vtracy.de — Cisco Umbrella Rank: 76758
17 KB
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 10374
1 KB
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3277
409 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3614
1 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
402 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 162
17 KB
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
7 KB
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2583
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 95548
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 107046
246 KB
571 97
Domain Requested by
46 s0.2mdn.net imasdk.googleapis.com
www.walla.co.il
s0.2mdn.net
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
45 www.walla.co.il www.walla.co.il
44 pagead2.googlesyndication.com a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
s0.2mdn.net
www.walla.co.il
securepubads.g.doubleclick.net
32 tpc.googlesyndication.com 2 redirects a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
22 static.criteo.net ads.eu.criteo.com
cdn.valuad.cloud
static.criteo.net
20 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
eus.rubiconproject.com
20 images.wcdn.co.il www.walla.co.il
14 csync.smilewanted.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
14 ib.adnxs.com 5 redirects cdn.valuad.cloud
csync.smilewanted.com
googleads.g.doubleclick.net
acdn.adnxs.com
12 dt.adsafeprotected.com a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
www.walla.co.il
12 pix.eu.criteo.net ads.eu.criteo.com
11 simage2.pubmatic.com ads.pubmatic.com
11 securepubads.g.doubleclick.net 2 redirects www.googletagservices.com
www.walla.co.il
securepubads.g.doubleclick.net
10 pubads.g.doubleclick.net imasdk.googleapis.com
www.walla.co.il
10 mcdp-nydc1.outbrain.com widgets.outbrain.com
9 googleads.g.doubleclick.net www.googleadservices.com
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
www.walla.co.il
pagead2.googlesyndication.com
9 a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8 googleads4.g.doubleclick.net www.walla.co.il
8 mc.yandex.com 3 redirects www.walla.co.il
mc.yandex.ru
7 sync.search.spotxchange.com 5 redirects googleads.g.doubleclick.net
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 widgets.outbrain.com www.walla.co.il
widgets.outbrain.com
7 www.googletagservices.com www.walla.co.il
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
6 match.prod.bidr.io 6 redirects
6 pixel.rubiconproject.com 2 redirects csync.smilewanted.com
eus.rubiconproject.com
5 match.adsrvr.org ads.pubmatic.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
5 image2.pubmatic.com ads.pubmatic.com
5 csm.eu.criteo.net ads.eu.criteo.com
5 ups.analytics.yahoo.com 5 redirects
5 ads.pubmatic.com cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
5 odb.outbrain.com widgets.outbrain.com
5 mc.yandex.ru 4 redirects www.walla.co.il
5 www.google-analytics.com www.walla.co.il
www.google-analytics.com
5 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
4 static.adsafeprotected.com a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
4 token.rubiconproject.com 4 redirects
4 fw.adsafeprotected.com 2 redirects www.walla.co.il
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
eus.rubiconproject.com
4 gum.criteo.com 2 redirects static.criteo.net
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 sync.smartadserver.com 2 redirects csync.smilewanted.com
4 www.facebook.com www.walla.co.il
4 region1.google-analytics.com www.googletagmanager.com
4 fastlane.rubiconproject.com cdn.valuad.cloud
4 prg.smartadserver.com cdn.valuad.cloud
4 prebid.smilewanted.com cdn.valuad.cloud
4 khn.crowdad.io d2r08ja41ypc0t.cloudfront.net
4 mc.yandex.co.il 2 redirects www.walla.co.il
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
3 x.bidswitch.net 3 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 mug.criteo.com www.walla.co.il
3 trc-events.taboola.com cdn.taboola.com
3 mv.outbrain.com widgets.outbrain.com
3 www.google.com www.walla.co.il
tpc.googlesyndication.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
3 mabping.chartbeat.net www.walla.co.il
3 imasdk.googleapis.com www.walla.co.il
imasdk.googleapis.com
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 image4.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 a.audrte.com 1 redirects
2 ad.turn.com 2 redirects
2 pm.w55c.net 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 acdn.adnxs.com cdn.valuad.cloud
2 cat.fr.eu.criteo.com ads.eu.criteo.com
2 sync-eu.connectad.io cdn.connectad.io
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 images.outbrainimg.com www.walla.co.il
2 ice.360yield.com 2 redirects
2 cdn.connectad.io csync.smilewanted.com
2 creativecdn.com 2 redirects
2 us.ck-ie.com csync.smilewanted.com
2 match.sharethrough.com csync.smilewanted.com
2 ads.stickyadstv.com 2 redirects
2 ads.eu.criteo.com a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
2 live.wcdn.co.il www.walla.co.il
2 static.smilewanted.com csync.smilewanted.com
2 www.google.de www.walla.co.il
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 onetag-sys.com cdn.valuad.cloud
2 b1h-euc1.zemanta.com cdn.valuad.cloud
www.walla.co.il
2 u.openx.net cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 dal.walla.co.il www.walla.co.il
2 ping.chartbeat.net www.walla.co.il
2 platform.twitter.com www.walla.co.il
platform.twitter.com
2 static.chartbeat.com www.walla.co.il
2 walla.co.il 2 redirects
1 ade.googlesyndication.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com
1 pubmatic-match.dotomi.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 aud.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 r1---sn-5hneknee.gvt1.com www.walla.co.il
1 redirector.gvt1.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 um.simpli.fi ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 red.vtracy.de a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
1 js-sec.indexww.com cdn.valuad.cloud
1 eb2.3lift.com cdn.valuad.cloud
1 m.exactag.com ads.eu.criteo.com
1 rtb.nl.eu.criteo.com www.walla.co.il
1 rtb.fr.eu.criteo.com www.walla.co.il
1 trc.taboola.com cdn.taboola.com
1 adservice.google.de securepubads.g.doubleclick.net
1 bidder.criteo.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 hb.minutemedia-prebid.com cdn.valuad.cloud
1 htlb.casalemedia.com cdn.valuad.cloud
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 ap.lijit.com cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 stats.g.doubleclick.net www.google-analytics.com
1 ledger.crowdad.io www.walla.co.il
1 syndication.twitter.com platform.twitter.com
1 cdn.taboola.com www.walla.co.il
1 www.googleadservices.com www.googletagmanager.com
1 widget-pixels.outbrain.com www.walla.co.il
1 d2r08ja41ypc0t.cloudfront.net cf.dxmcdn.com
1 cdn.permutive.com cf.dxmcdn.com
1 mab.chartbeat.com static.chartbeat.com
1 cf.dxmcdn.com www.walla.co.il
1 www.gstatic.com www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
571 163

This site contains links to these domains. Also see Links.

Domain
weather.walla.co.il
mail.walla.co.il
zoom.walla.co.il
news.walla.co.il
sports.walla.co.il
e.walla.co.il
celebs.walla.co.il
finance.walla.co.il
food.walla.co.il
healthy.walla.co.il
travel.walla.co.il
fashion.walla.co.il
www.sheee.co.il
nadlan.walla.co.il
mekomi.walla.co.il
cars.walla.co.il
tech.walla.co.il
www.yad2.co.il
b.walla.co.il
marketing.walla.co.il
home.walla.co.il
gaming.walla.co.il
mazaltov.walla.co.il
horoscope.walla.co.il
judaism.walla.co.il
law.walla.co.il
career.walla.co.il
tld.walla.co.il
fun.walla.co.il
fantasy-sport1.walla.co.il
seniors.walla.co.il
now.walla.co.il
calendar.walla.co.il
tv-guide.walla.co.il
holidays.walla.co.il
www.b144.co.il
beauty.walla.co.il
perfectmatch.walla.co.il
mumlazim.walla.co.il
b144.walla.co.il
yoram.walla.co.il
paisculture.walla.co.il
www.drushim.co.il
tmirecycle.walla.co.il
starkist.walla.co.il
dogsandcats.walla.co.il
galil.walla.co.il
yarokkl.walla.co.il
daciatrips.walla.co.il
www.wallashops.co.il
eilat.wallashops.co.il
www.wallatours.co.il
www.wallaprint.co.il
vod.walla.co.il
viva.walla.co.il
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com
help.walla.co.il
dcx.walla.co.il
apps.walla.co.il
bit.ly
havazingboimworld.walla.co.il
103.walla.co.il
www.outbrain.com
sport1.maariv.co.il
www.manpower.co.il
www.finarsky.co.il
om.elvenar.com
www.enaim.co.il
dominos.walla.co.il
www.kamaze.co.il
www.seolinks.co.il
hayoetzet.co.il
www.leumi.co.il
www.sugat.com
m.onelink.me
pricelist.yad2.co.il
www.oref.org.il
www.maariv.co.il
bama.bio
www.hamal.co.il
Subject Issuer Validity Valid
*.walla.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.wcdn.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
valuad.cloud
E1		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
crowdad.io
Amazon		 2022-09-28 -
2023-10-27		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2022-04-01 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
vtracy.de
Amazon		 2022-06-21 -
2023-07-19		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 89 frames:

Primary Page: https://www.walla.co.il/
Frame ID: 1332F0B35E118B57721A5A4822B01480
Requests: 195 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: A60ED6830FFD4997C5AFD327CE2E9D1B
Requests: 2 HTTP requests in this frame

Frame: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Frame ID: FE53EBEE567808D33206EE5958E43BDC
Requests: 17 HTTP requests in this frame

Frame: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 019E94875687CD5D9D9599635BE07FF4
Requests: 1 HTTP requests in this frame

Frame: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A386A64D4178F5A59AD64A1099E064CB
Requests: 16 HTTP requests in this frame

Frame: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8FAEACA2E505C1106ACB7AACE8C61B77
Requests: 8 HTTP requests in this frame

Frame: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C1408701DC6CD2479A7B3AE9B1DE479
Requests: 4 HTTP requests in this frame

Frame: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A7AE449E73F6F59396B48DA6930A24BD
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: F93C9E42BB93421D25E8DD795C22BACB
Requests: 16 HTTP requests in this frame

Frame: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DBC2ED004B64E097B2EEB0F20C23787C
Requests: 29 HTTP requests in this frame

Frame: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2D8B7E766261CC1593C483E4F89F5D7C
Requests: 8 HTTP requests in this frame

Frame: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7D87936BC95162723111004B710909D
Requests: 24 HTTP requests in this frame

Frame: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3A295B0359023AE8715E61F431BC5F0
Requests: 18 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: C0C559A3E1607513EE662E76FE8D1AE8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3B8703DC9067B330FB634D65748CA118
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnbfp2wEwAQ&v=APEucNXvTnSqUcLUUvTNOZAqusX622gnBblnQgzdd9YhbynYHYj5wPvKZr3lu0U13msm_n-d1yTvtJfmcbdMOkZamCbMksILwSAWD6Lm_pa01fZlhGM5eX4NrGawaqIpRXxEZtnFFTvASSOGrkqXRjZPkzzmyqU6gdpf0aaYZjjkXsxlSwHFJP4
Frame ID: 0BC48D7C07002E56BE0DB9304CB35DF5
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 350E2F887782C8113350517B34FC2EDC
Requests: 19 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
Frame ID: C0045A1420D41979C9C26CEB5AD2F8A7
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 06C7442165BA4C40097CF9F5157CB794
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 79B3FB720BAEA28DCA3111244540066F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/qckcMfmLpA5bPHNZqVzE?pi=smilewanted&tc=1
Frame ID: 167A5B8D7293D3CC67AA552EB10B9E91
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
Frame ID: 55FC147EDEC982BAC8C7B60DDDB0E006
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 516AC1CA2AC15C1D3744BE1F20F9F0C7
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: A4D3B88E982FB69F9753E28419515861
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/8e27dbfe-4a2d-449c-aef8-4b12b8753d6e&partner_id=1010
Frame ID: BFB8ED0CCDD9CE8F54127721EEEC6116
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXk8qy81zdYXpu-L4-lRbZcaHK4Mk9Rs-xKxTaUYf515trAy64vhWgQ7xa3bcDaPGtw_wApUUT60xKPNdjR5aDKvvyduPaIaNdfm8VPrAWldwkEpTqPqFdJfwJy0Gmz-TfwyCD7ABOxbx8uDIL7oZLT06LJ8FYsm6SB6gzbO_MaxEc0GG0
Frame ID: DD9E4CD59C569EBCC64CCC4B54353CD6
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: DD4DF0B982496FA5F53CA836908D8B5F
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXgX0Txso41FcH183V7FTB4wlmx7WMcShgv3PASIu0s0yozDwzl2t9ZKi-qv0q1tyjrfaimlPzffec2-DiA5nFJqIPjsCQO78bvaZnqRMvTMv9SSawcQfxq0OXwE1G2e-GVLKTko-2FKmgDVGICv-bPgofjVCDYQa8Yq0JawbXRl8h77Pw
Frame ID: 937D7D571792A7E09A120223E3F17327
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiKkKp5MAE&v=APEucNVaJtJ7VpMd2FNETk9aCqyCUrCRcuJHEpOIOgFs0_wg4hlwZpsZdTHgfwmgCvc7XueYgoAiAB-phj2lJveWUp3mVGeH_Gn8pfJH7l3d83c31htRzqN2LplqJYbcGYbI4aT7YifQAUGvjr3Cfc_36BGJ_ioWFOlDUClM1odB17S2OwvaMOY
Frame ID: DA50A02A4649322012A75E8A06652B45
Requests: 4 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 4AD9BE7DDBBBF61DBED71E9885CD6DBC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 18EC35FBDA07401FFE7C4A56F0451A0F
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9D22EEC635E3A85001AF6A296F9DC853
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: E5208FF958734FFB5307C18039F827D7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8703BA8338F87BC96F36CFA115D51EF3
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1671966504497
Frame ID: 1AFA2E0A84812D7C84E1032784E22D2E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9A8D657EF979B8966B651F51D43FD130
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A874090ABC447E1D4ACF2ACC08A52041
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 96FAE49DB5A4B10AD03E121F2B48AA8C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 004E3757BF621191289F3E1CC4ED5E7C
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 075FBC854F235DB23B943B7C4F2E30F9
Requests: 13 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 85D6FAB2BF7D9B900BDA00B09844B9CE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2C176EA07E296FD1676A0DA9B9572963
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4909879444082661474/index.html
Frame ID: A4816825DCBB776A2F44927C57C4CD42
Requests: 14 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ec763a8-2f2c-4800-82c4-1ac66ed396f8&gdpr=0&gdpr_consent=
Frame ID: 3043771BF812E35908DA00E2C69B05E0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8583586796627608472
Frame ID: B563CFAE8F2EBD21FCBFE6454EDD8AF5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 75E2B36084ED35E3C52250F3DA410066
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2546D8BD-510C-4044-B55E-2B921A9DF6DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 37A319629B2BDA1B1825682ADAF043C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9066383568577469336&gdpr=0&gdpr_consent=
Frame ID: 0569F6ABDA3D4011914D922A03A96067
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/2546D8BD-510C-4044-B55E-2B921A9DF6DC
Frame ID: AD31C220A4FDAA39ADB21D410B6531FA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 21C0F6F5D587E7641862EDEB4623D319
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 69E2FF11540FF4CF5DD024DF0C0560F1
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1FA6414264594484F1E13E4568FC328B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
Frame ID: 3F5EAAD3FED1D5DED2BF167EBA253908
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
Frame ID: 31FBAEED271582488D79815B56CE3203
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F339BAA6ED34F8E039F1203E3E62CCBA
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
Frame ID: 254A78817FC5957F8F4C6B15C8BB333B
Requests: 8 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: D9D788C0345B6CDA1D45B7B7D009B18A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
Frame ID: AF949B94F505008A9537C462B8B6C569
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 114E6D8A01D22A30E5690ADA660383A1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3911EA67781DC6FAC7049E855BE1F494
Requests: 3 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 4EDF3E7081CD1CE08D3077C07FDA42EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 68D0A984FBE6BBE83F9A2991159F4310
Requests: 3 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
Frame ID: 87F8BC88DFBFF9D32FB1D09D4C5B353E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F33A86AB09310CC39F24F4832ED96774
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 2C658BB91E438740BB3062494FE40FCF
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 0AB33224FE9A6FA82574A51FD53DC808
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: ACADBC2C0A01C2439E4ECFE250018E8D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 7DD355994B19EDD67F633547A13ED158
Requests: 6 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y6gvKq9s.FAHyA6h3-qF0wAA%262142
Frame ID: 3C763C44C38A868DB409E4E3459BDCD4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/74f8ac9a-8444-11ed-a708-1d0a0d900506
Frame ID: 0BB52F164137012FD41347682AEE8E8C
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 6D0325123C5603C6A6BFDBED32178B93
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: EE8DD80E04A742FC4B4975EE08647903
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: E5287C862B7F171712CBCA98A7EA7242
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB9FE1ED4DDB325944BE2CDB31C1C711
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C3DD711DF8A01265D0E6CA58155118C4
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CnCRkQ4lws8RJ5WZC3Tdn1glxsgRJcicCCFQScFN
Frame ID: E26BCC0626307159E3F09604F802C576
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181041484772997273&gdpr=0&gdpr_consent=
Frame ID: E0FF6BD3CB1A9CCE1F320C8FE53591B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rb6NqO52Q7lNcDagxkWLxrnVm6I
Frame ID: D8A7E1219A53C5AF9D2C419D986EC724
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEkA07HUF4AACCOZ4vFlg&gdpr=0&gdpr_consent=
Frame ID: 3A38CC9BB66E6E5C846AF2239EA03F94
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=0&gdpr_consent=
Frame ID: 2283B6CDC3EDCDFEC4947BF053A1277C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6gvMQAAAM_45gAp&gdpr=0&gdpr_consent=&_test=Y6gvMQAAAM_45gAp
Frame ID: 5D3F8ED769C5C7F47093D73ED6D14EB3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: DEE6114A85CEE144D616618D082C82F4
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EB91ACACE8BA029CC7C0CFC687584FA5
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A5E97CC7E1A941106EE4314B10729CA5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2892114837
Frame ID: C74D4CDF58E10E8C4D472ACBA52BC464
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: CA88FFB1F11F11B7C4AD8902C9F78544
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 83A2A1F90D3B5C9A16A95CD44024A274
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d8ae7f61e0e8dad8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QSgnTMUbnanSQgQS
Frame ID: F0E4ED794942836F7EA0DDF1A581C433
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/2546D8BD-510C-4044-B55E-2B921A9DF6DC
Frame ID: 43BA6D350E1ADF60F429126A39791288
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! - האתר המוביל בישראל - עדכונים מסביב לשעוןzoom

Page URL History Show full URLs

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

571
Requests

90 %
HTTPS

35 %
IPv6

97
Domains

163
Subdomains

119
IPs

15
Countries

7500 kB
Transfer

19109 kB
Size

122
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9863.9ETHR2ZWn7PGSqc0COGzuwr_Ym0qtM_b2urpiRRB5KdWEyJ9pA5r-bcfVU5gMx4z.Fc5297JtgqFv4fMVEdDZaDZOS3M%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9863.SfUexd44wxwCjvdDqTZfHkATbQP4HVRfmkxVcWD3T0iWf5FUZoZsuvOUOX2c2_XzvR10olB4tB9P6Qm0Fl5KEAIiR-ssaxiAV5fULLy2pBE%2C.YhDrDtIOQSy4Wg6HlzR0fmvS75w%2C
Request Chain 96
  • https://mc.yandex.co.il/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.co.il&token=9863.G9L9wiHhfwBBCGqXyujZIU79XTor7R3z0vznu1bY3QZZGMKgG6kLToB6MlRtUfXs.UqymcntSgXSJN3Qtz2Fy6RV2uF0%2C HTTP 302
  • https://mc.yandex.co.il/sync_cookie_image_decide?token=9863.wt462tTLBZj9I7EfOP8G4RXsA-xipIOYEggSu0yejxeXm18onHGixHZ0oqw04d9aB7LB7Aea-QdPSG3yBtO4vdz2VGhVrr-E1Yx7PLtmbSY%2C.BLt5BuL5VS8huf_7va2y0HoequM%2C
Request Chain 101
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=6b9e854f-3e7c-46d1-98fc-ce7ceffb7a0e&adnxsUserId=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D6b9e854f-3e7c-46d1-98fc-ce7ceffb7a0e%26adnxsUserId%3D%24UID HTTP 302
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=6b9e854f-3e7c-46d1-98fc-ce7ceffb7a0e&adnxsUserId=9066383568577469336
Request Chain 159
  • https://mc.yandex.com/watch/91804681?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A2255%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A354277978640%3Ahid%3A251923799%3Az%3A0%3Ai%3A20221225110823%3Aet%3A1671966503%3Ac%3A1%3Arn%3A409430070%3Arqn%3A1%3Au%3A16719665031048893011%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A65%2C39%2C18%2C46%2C1332%2C0%2C%2C1080%2C0%2C%2C%2C%2C2581%3Aco%3A0%3Acpf%3A1%3Ans%3A1671966498001%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671966505%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A2255%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A354277978640%3Ahid%3A251923799%3Az%3A0%3Ai%3A20221225110823%3Aet%3A1671966503%3Ac%3A1%3Arn%3A409430070%3Arqn%3A1%3Au%3A16719665031048893011%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A65%2C39%2C18%2C46%2C1332%2C0%2C%2C1080%2C0%2C%2C%2C%2C2581%3Aco%3A0%3Acpf%3A1%3Ans%3A1671966498001%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671966505%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94%21%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 171
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9863.thj3HIbykKivHvKAdHVppNhWR2V1Dp16yn-adMtQMEMUIxYMsUJeO3K2qBGUbskQ.nUxDYEERKU6jATrfAX0nKqe5t5M%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9863.uF74BTStl-KLrJxNt_nXMDvKMLDUvyq_qb-1fRTBcusHfIipjvMIBYqoxsrUu3bSctKv8xtMTjJb_73VRR8kNFTGKnlf5Nr7XrQnfc6g_tM%2C.onBbtqqhB0k_3AaoNoizRWgCyqA%2C
Request Chain 172
  • https://mc.yandex.co.il/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.co.il&token=9863.hPmVCB_Oh2Z-kEjG5EAuatldUJxXmvVaqVSgHfZGJycfShhKW239yBepjWUNwt1-.52tRhi230AWYbxu-Fc27JUhQ13U%2C HTTP 302
  • https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9863.7xOUgAj6uf-hKLLlEjrfrKZSVu-5nGhpU7KllIwEac-lMizGCGu1ayZFm6DWzSsEDK8Q9CFzm9lcZWOymf4-PPukOcfk9ykeVngUCBfSHiU%2C._fmjPXoxBvi2DDyMVq-09UN05xU%2C
Request Chain 192
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstPyR-2UHh4z_-EzCNNZLhBCPA_9PhHNepxGQ3i0aa8MCnSQ8vhRcwIUg7LFo6KsSdRpwlpK3UgmZ6u21H2LxBdNF9rslciw-PmEdQuP4LRxXHBiX7QzvrWPYukmFLkr-xVE5ZsCXVlRWru74Vvnc4chBZ664Q-4jsECnaUePsPCjBe9WgfncfddsYdjvyvZ7wL5Zi3u6_dS40R2Zu_cD-riuI3pyUyfcp9LnQj8ZhCbawREd_6wcpWK5jVMn6nMWo0X3x1TOkSQOUpCv-MgKlW9sou0Ba9HgSdv6c-NrYNN2jx4ioRYPjU4PGnHis0M3SHxFeKTp3bOncdIP3O%26sai%3DAMfl-YSunSTKiEVicPuiDSdloM1c65HlmOxmjT0fqRO4ZY_Ph5u5SXFtbA-lnZZ4GIAUYEw_tUFBLsgaK9MeMnFHMvqYqC-uuIzFdzkC45UNojc2bzuV9s_eVPppkdTZg78tmyjHSeombMQ320ZmgDUZew%26sig%3DCg0ArKJSzDXwWSfOQIUTEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 194
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuKufzzD-2c92kzEH5XJuWZBM7CQSEKqnt1hDNusbIeOj-JRnwZ0E-QIOHMlThCC24fH1G0J-1y5R9Jhdq-F6Z5MhJftxzkpj_TqxXxMJp_aRZBm6gVx1Qe5aNvb1Uh3YU6Fac7BsBFi-IfJaTfgerGT4wrD5eF8OtEw857BjINm2rde6fGSj4TEEsFiM0pXQeRzsDqYm2Re1a_vJcEQyCecCNsFZib_EtI0aiIUWWPFxu5cx6kAh6HNXfg72zbgrSROGxKAHKmDuHU6siXb1mdcBq8RpBJITanZwwK6z96OIsIh4cME9-9JijpOOKYAGiAdSSQhHygde__YNo%26sai%3DAMfl-YT6VKSRBTyU-HhcEvIZnrInqgD4lOUgehbntriVFEPqphJz90EXs5vFfkAPQVz50TcgFRj5v_-v0IKIPHvePxB9kqVztbc83Srr78lCitnkyHrvi5kTw9ukgJhzzLBtiCJ8wTpZrPzIN1ebx32shQ%26sig%3DCg0ArKJSzCKHWbXuoGh6EAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 210
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
Request Chain 213
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/qckcMfmLpA5bPHNZqVzE?pi=smilewanted&tc=1
Request Chain 214
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
Request Chain 217
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 221
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/8e27dbfe-4a2d-449c-aef8-4b12b8753d6e&partner_id=1010
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfNW-6vlV2Qa-Q2mRCdJCw&google_cver=1
Request Chain 244
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6gvKq9s.FAHyA6h3-qF0wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfNW-6vlV2Qa-Q2mRCdJCw&google_cver=1&google_hm=2
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENprp0xg_k4VFuoiaEjdG_8&google_cver=1
Request Chain 246
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA2NjM4MzU2ODU3NzQ2OTMzNg%3D%3D
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC6wmcHtjPuDcNyt1aSyk3U&google_cver=1
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGFli7gKBW10brtl8gL_vQU&google_cver=1
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFDO1yBIC7OBK_2ATbyZc_U&google_cver=1
Request Chain 269
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=74f896d1-8444-11ed-84be-1984e64b0106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzRmOGFjOWEtODQ0NC0xMWVkLWE3MDgtMWQwYTBkOTAwNTA2
Request Chain 270
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zS21XVjJkRTJ1R3dNSWpvWVRGamZ5bkJKYnYyZTR0Y35B
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFDO1yBIC7OBK_2ATbyZc_U&google_cver=1
Request Chain 272
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=74f8acdd-8444-11ed-a708-1d0a0d900506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzRmOGFjOWEtODQ0NC0xMWVkLWE3MDgtMWQwYTBkOTAwNTA2
Request Chain 273
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zS21XVjJkRTJ1R3dNSWpvWVRGamZ5bkJKYnYyZTR0Y35B
Request Chain 309
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=lgIE53xoNkNwTWQ0V2Q4Q3VJaEEyQzNLTmE0VjUySFlyNUhyaUttSlUyeUoxQ2QxVjBrQVQ4a01TS0V0RUYrQVE1akN5MEtMVmhGT3RjaTlIMlZKTVdOUDRYR2NFblUwR3ZGc1didG15U0hNQzM5TVF2akdrRmx0ay9RNEpKeEl2NExLT2s3WndaUGxtSUFwRjJhZGlBUDczcXFSYkdFcnFIRWYvc21DQk4xMy93NVpkZnhPUlI2dG01TXVld0dlN1BHM0ZTMzNnUnVnK1g2dG1WdVhZdWl2UlNTRlFJcW5uU2dweURrNVQ4TDdlOWNHRTQybytyZ1lCZ3hZSVY3UmdoaTFsfA&cppv=2
Request Chain 336
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ec763a8-2f2c-4800-82c4-1ac66ed396f8&gdpr=0&gdpr_consent=
Request Chain 337
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8583586796627608472
Request Chain 339
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2546D8BD-510C-4044-B55E-2B921A9DF6DC&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2546D8BD-510C-4044-B55E-2B921A9DF6DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 340
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9066383568577469336&gdpr=0&gdpr_consent=
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JUbYvVEMQES1XiuSGp323A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 345
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1055312138 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2546D8BD-510C-4044-B55E-2B921A9DF6DC
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjU0NkQ4QkQtNTEwQy00MDQ0LUI1NUUtMkI5MjFBOURGNkRD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGpR2AMO6Dsc-fpUXTHIpqs&google_cver=1
Request Chain 350
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7621813348636885045
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6gvKq9s-FAHyA6h3_qF0wAACF4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECZ5QOcr4Glyk32cTeXfkM4&google_cver=1
Request Chain 397
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=PPSe07Uv1P9oRL5
Request Chain 398
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9066383568577469336
Request Chain 399
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3506663725266119622
Request Chain 400
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEkA07HUF4AACCOZ4vFlg&expiration=1673176109
Request Chain 402
  • https://redirector.gvt1.com/videoplayback/id/360f920352d220c0/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1671988107/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/8FC86D2C462B67BA529553B9E3CFE452E8288CD1.0ECEDDAD066EAB241B5243BE906EFA61A1604DC3/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-5hneknee.gvt1.com/videoplayback/id/360f920352d220c0/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1671988107/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/282AB07E3341ABB0830A1577F58D727B39EA6A57.5548A7C77B76872184FCFA5D6F3207B17BB7696B/key/cms1/cms_redirect/yes/mh/bW/mip/2a03:1b20:6:f011::2e/mm/28/mn/sn-5hneknee/ms/nvh/mt/1671965676/mv/u/mvi/1/pl/48/file/file.mp4
Request Chain 403
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjUyMjcwY2QzZTEwYjA3NjkyODA4OTQ0NDJhZWRkMzllZWFiMTU1OA
Request Chain 404
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hIenkNS6SwK64kusDA3VPQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hIenkNS6SwK64kusDA3VPQ
Request Chain 405
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/RV7OYHa7Cl_eOu_hFGIFPg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Yx17zwFE2oIra27oUlwavMFC8pspfZdjmfnGrw--~A
Request Chain 406
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMzOU9SQzMtQS1LSldT
Request Chain 408
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC39ORC3-A-KJWS
Request Chain 409
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rGeO_Jv0SCmUcDG8SKBSwg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rGeO_Jv0SCmUcDG8SKBSwg
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB93S8eW4zoha22SHNQb3jQ&google_cver=1
Request Chain 422
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_Ky-oY4quLpf8gAeYvoX4CQ&cbFunctionName=goog_wrapCb_Ky-oY4quLpf8gAeYvoX4CQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c9dcf536-62e1-1ef3-d0f1-91ff9808f7e4,c:xO0slu,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-q87st,rg:ie,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C191%7C1a1%7C1b*.990511-61634100%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:38,oid:75cd3aa1-8444-11ed-b8dd-565401444e3f,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 429
  • https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_Ky-oY8CgOOS6x_APvI60uAs&cbFunctionName=goog_wrapCb_Ky-oY8CgOOS6x_APvI60uAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e95000c2-d433-a679-4324-8f6dad2f834f,c:xO0snQ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-tksqj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:9,mot:0,app:0,maw:0,fm:tr1D597+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C19*.990511-61634098%7C191%7C1a1%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:54,oid:75cd61ee-8444-11ed-97e2-de469e3a4298,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 452
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
Request Chain 465
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
Request Chain 471
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 483
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y6gvKq9s.FAHyA6h3-qF0wAA%262142
Request Chain 485
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/74f8ac9a-8444-11ed-a708-1d0a0d900506
Request Chain 524
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=JPz5219SJTJCeTI1M1VTMTN2dUY3RHFQZ2ElMkJ5eXUzdm00JTJCZGgxYjUxdTc2d1ZJZkxuNUhBM0YlMkI0NTM5U0xGeGZPQ0t1RUYxTXNSY2Y1NHBFTG1qT3FJUkI1RjJpZjVmQkZBV3ZFSWlOdDFUTW9UM1hIOSUyQjFFV2h6N2FldzhsVEw0SEszNDk&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=PeSLuXx6dnBSeENRckZRVVhwTWdWZXR2T0o0VjNWSXVCeXB4TklZbGhmc3NrMThIYzhNcE9aWVI4bDNGUGNjL3NKeVdnTXJCclFVbG1rMTNJdUxrTGRoeVFqRTRacGM5Y1RleWs1ZGZoOE1BVjBzWGExS1hwQUNCbEpaQ3ArU1JLS3JkNUxaSVE5ZjhZUDdXMXdhMXFCbFBxT1JzejNwcnUvSFJSWlpwaWx3VkRHcFJFNFFJTWt2VVJiWi9pc2NzLzBKeC9lbGc2NFl6SHVNengvejRVNEhTMzJmUDVGVzN3bWdOVWVKZ09QVEg5bUFRUjVsWHlZZEl2N2xmWkhGM0M2dUhqb1gyajRZK29SSDJETk14UUx6Sk1vN3ptYWlvVkhiQUEwVk9PQmV6YnFiVT18&cppv=2
Request Chain 535
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CnCRkQ4lws8RJ5WZC3Tdn1glxsgRJcicCCFQScFN
Request Chain 536
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181041484772997273&gdpr=0&gdpr_consent=
Request Chain 537
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rb6NqO52Q7lNcDagxkWLxrnVm6I
Request Chain 538
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFa0EwN0hVRjRBQUNDT1o0dkZsZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEkA07HUF4AACCOZ4vFlg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEkA07HUF4AACCOZ4vFlg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEkA07HUF4AACCOZ4vFlg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7941863614148787353&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEkA07HUF4AACCOZ4vFlg&gdpr=0&gdpr_consent=
Request Chain 539
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2546D8BD-510C-4044-B55E-2B921A9DF6DC HTTP 302
  • https://a.audrte.com/p
Request Chain 540
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2546D8BD-510C-4044-B55E-2B921A9DF6DC&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2546D8BD-510C-4044-B55E-2B921A9DF6DC&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 541
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&addseg=19,36,42
Request Chain 542
  • https://pixel.onaudience.com/?partner=214&mapped=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 544
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EfQk4UtE2uVIiG29XCLDpbGlV9IEpVU-~A&gdpr=0&gdpr_consent=
Request Chain 545
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1c2f6a4a-9b74-4da7-91c6-9b848caa60f9&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d7a5745d-14cd-42a0-bd7d-eae09c8a3d5f&bsw_param=1c2f6a4a-9b74-4da7-91c6-9b848caa60f9&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1c2f6a4a-9b74-4da7-91c6-9b848caa60f9&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 548
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7cb052a1-714e-4a1a-9783-eb653e5c451d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 556
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y6gvMQAAAM_45gAp HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6gvMQAAAM_45gAp&gdpr=0&gdpr_consent=&_test=Y6gvMQAAAM_45gAp
Request Chain 557
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 558
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 560
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671966513465 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2892114837
Request Chain 563
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d8ae7f61e0e8dad8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QSgnTMUbnanSQgQS
Request Chain 565
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0ec763a8-2f2c-4800-82c4-1ac66ed396f8
Request Chain 566
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3506663725266119622&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 567
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9066383568577469336

571 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/
Redirect Chain
  • http://walla.co.il/
  • https://walla.co.il/
  • https://www.walla.co.il/
591 KB
283 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1d5549d8ab14b97ef868d3929ac04bccecbb023999002ccc8c73c5c3f5583f9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28
cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 25 Dec 2022 11:07:51 GMT
etag
W/"93a44-qfJwH0D5iWHeq17Io4fBi/fp9xA"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-amz-cf-id
v4nEC2n4YvFE7WWjFP7rlrVnZXFnZywv1NH_B1KOJiPoMHY32PAwww==
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
x-cached
MISS

Redirect headers

age
50255
content-length
0
date
Sat, 24 Dec 2022 21:10:44 GMT
location
https://www.walla.co.il/
server
AmazonS3
via
1.1 63fd69eef309e30fc51240b7228d876c.cloudfront.net (CloudFront)
x-amz-cf-id
y7EqnxK7BhqOzWJTDbIUwuv8GAjYkPBBo-KN6TMV5_mdjg3FTLtylA==
x-amz-cf-pop
KIX56-C2
x-cache
Hit from cloudfront
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1431 / 941 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 25 Dec 2022 11:08:19 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 00:43:34 GMT
content-encoding
gzip
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
37485
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
2X710AmGNfG0ZGwY_yqs97vrf5SGvzsMEyvedgmiB-qarDRLUC6Dsg==
expires
Mon, 26 Dec 2022 00:43:34 GMT
new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"473-185482799e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
i0VIr65moyFJpJKT0jyZpqAxqJEMV7ojohdRNl3HE0fRGH1EyehKjA==
x-cached
MISS
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"7ee-18548279dd0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
vxAeb9klfoYqoq9CKlkSG5eu32sYtlDTY1Dv4O5tgdchm-lcPdfoww==
x-cached
MISS
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"1d0-185482799e8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
MISS
x-amz-cf-id
rsXIoJPfSfaMwOdOojrva8lxmTCQfj-AN-FZesvTOND7En-ws1AOag==
new-logo.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"492-185482799e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
Gl2SeZJbLd4zuzyRXHokagkCLpN1ZyvwJFJ1q2ty_92A_t1hG6wfUg==
x-cached
MISS
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"c00-18548279dd0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
Hj4TYqUW-xbzqPi1pavzHCcn0SS2bN2ZHDw5Ry5ee46ie6qq_zLezQ==
x-cached
MISS
yad2.png
www.walla.co.il/public/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/yad2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"488-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1160
x-cached
MISS
x-amz-cf-id
sZCMADSqBTVqA28o8Thb7TfHZ4EKNzqpmqQqcvjqRt-MWCXR16uzSw==
3474718-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/4/7/4/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/4/7/4/3474718-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
8612ae01cc6b3e8bbb4ba5dd350b1dc9905128810791ca37e5203d6d6f126e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:51:09 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
1030
edge-cache-tag
286193074799858425524147783653774083012,325240592619059456640567246033780590469,d2bce9e04f88d43dd8350e859c701704
cache-tag
286193074799858425524147783653774083012,325240592619059456640567246033780590469,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
60262
x-request-id
2b1e359b53d88b120a41ea725a11df32
x-served-by
cache-iad-kjyo7100060-IAD
last-modified
Sun, 25 Dec 2022 10:51:10 GMT
server
cloudinary
x-timer
S1671965468.615398,VS0,VE1442
etag
"f13312a822115c8c6da88da4b825bdd4"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
fD1rfOJv8tSmNa4tJ4Crq6djJyKPAjgQdUlXdRRpPbd_oyWT4CX9PQ==
x-cache-hits
0
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"834-185482799e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
k_X94ovS16qJcgiSZJvWGsxYTIALbdB6506MRNFshbtfJRs6FrCFWA==
x-cached
MISS
103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		895 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12501
etag
W/"37f-185482799e8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
895
x-cached
MISS
x-amz-cf-id
ib2k5rWOW0TMEHN9so-6Lz7tZPf252CMiQ64Jcpe14xv6vafqYKAWQ==
99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12501
etag
W/"3a5-185482799e8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
933
x-cached
MISS
x-amz-cf-id
r3aP0NObxX0Kf2h7ntPTpMiyyog3W4TGxtPuTBsMm1yzp_OCShsBqA==
logo-walla-short-negativ.svg
www.walla.co.il/public/assets/zoom/ 		1 KB
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/zoom/logo-walla-short-negativ.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fae267ec6eaf92344f51d5d5dd696ff4db220c92a666330996fe277cbb12ecea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12501
etag
W/"4cc-18548279dd0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
oeLDnZK4KFKyNIWEfN1aIXji-RAT8yxO7OjgJFZTlkpy4J-Q0O7I6Q==
x-cached
MISS
3472605-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/7/2/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/7/2/3472605-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
d483d2ad6d3a77b03c5b38eb9153f51b4e8cd3fd3bfda4997e6ef661b6ec8a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 13:04:27 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
511432
edge-cache-tag
296535405654130666099157685595126283103,134119208106065605577453037400131398643,d2bce9e04f88d43dd8350e859c701704
cache-tag
296535405654130666099157685595126283103,134119208106065605577453037400131398643,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
19578
x-request-id
cac8cbf1d439905088d339b4d94a5f64
x-served-by
cache-iad-kiad7000152-IAD
last-modified
Mon, 19 Dec 2022 13:04:28 GMT
server
cloudinary
x-timer
S1671455067.987527,VS0,VE638
etag
"d59b3cc6d0850f7048a173de31bb9913"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
gWRo9q4iQASkfu5JJ6JrSnq9q0iBeU76bK1RAVd8EtboRapZRlii2g==
x-cache-hits
0
3472606-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/7/2/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/7/2/3472606-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
ca1b594f35a3c3040480308575efda85b5734aaf01897ead3437e72ef1d420c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 13:04:27 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
511432
edge-cache-tag
242904989837176139298317893679435547330,134119208106065605577453037400131398643,d2bce9e04f88d43dd8350e859c701704
cache-tag
242904989837176139298317893679435547330,134119208106065605577453037400131398643,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
18533
x-request-id
a9dab260175c49f27c0605dc46fe36db
x-served-by
cache-lga21965-LGA
last-modified
Mon, 19 Dec 2022 13:04:28 GMT
server
cloudinary
x-timer
S1671455067.037747,VS0,VE658
etag
"de907057fbda4535e6da33ce75614d66"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
o7h54vM-CZl-bf-wNYCoqUoaNk28F0mwlEpMzq-8s7tAYkvHpQJOYQ==
x-cache-hits
0
3464651-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/6/4/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/6/4/3464651-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
561a01a2f3ceee457a50f08129d2d9427e843555ec8a4ad77bb614bdb2e1950b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 07:04:06 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
533053
edge-cache-tag
293990467227762446195203462104687803678,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
293990467227762446195203462104687803678,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
2579
x-request-id
27fef5df802b5594bcbb868ae598a58e
x-served-by
cache-iad-kjyo7100062-IAD
last-modified
Mon, 19 Dec 2022 07:04:07 GMT
server
cloudinary
x-timer
S1671433444.659810,VS0,VE2566
etag
"ab93f089f9d225a97f4c6d460f08f163"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
wPGnpP9jdKC2azV6ikwv4dXUKtxy-DR1Q151MKqwKE_taw89ZpbVsw==
x-cache-hits
0
3466627-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/6/6/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/6/6/3466627-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
dfc2cb394c69b1f1688373a0013052d0831e5dcb360c2c0e37e38fa4ddb225b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 07:04:04 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
533055
edge-cache-tag
429654543406639354367598950765427266231,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
429654543406639354367598950765427266231,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
6902
x-request-id
91b1e6dc8adc928daeeef2463a826442
x-served-by
cache-iad-kiad7000169-IAD
last-modified
Mon, 19 Dec 2022 07:04:05 GMT
server
cloudinary
x-timer
S1671433443.468290,VS0,VE1122
etag
"4296ab1c7fc812fef71976731d86ea9a"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
6zcBRvb1m9WBLp-ZGhMRBU3y9qkq_Q7tOiyhm8QU8icfAtbJgcghlQ==
x-cache-hits
0
3401797-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/0/1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/0/1/3401797-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
b00feff24e52f629b0b791b10d75456f5bffaa22d8716fe45a984fe57d9d88a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 12:47:57 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
339623
edge-cache-tag
121731885695154859600834930398496090162,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
121731885695154859600834930398496090162,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4793
x-request-id
549476696b93d44b4f3d0862565cfcb2
x-served-by
cache-iad-kjyo7100131-IAD
last-modified
Wed, 21 Dec 2022 12:47:58 GMT
server
cloudinary
x-timer
S1671626876.185915,VS0,VE912
etag
"18f9695c5bdd3f52fa13a31b16b42f87"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
GbQDVPXgjyisHDOzFdraY4Wr31ipURNGxkRT_yESrjQEXp6W_iEmWg==
x-cache-hits
0
3446288-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/4/6/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/4/6/3446288-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
da3691883cbe3cd8517487eebf2ae91e6d2be5478076486ff85bbc9a079f8102

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:01:09 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
335230
edge-cache-tag
310021030251099657859382161942819805829,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
310021030251099657859382161942819805829,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
7569
x-request-id
d15873b66632d0e2e066f400ec260587
x-served-by
cache-lga21922-LGA
last-modified
Wed, 21 Dec 2022 14:01:10 GMT
server
cloudinary
x-timer
S1671631265.821811,VS0,VE5141
etag
"4d3468f265f60717c8c9ea3be99851f6"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
2M8oh10VNucMVUlrCIAsQ4oZ9F8fGsuigDQh0BepwF766UCtCRC_Dw==
x-cache-hits
0
outbrain.png
www.walla.co.il/public/assets/outbrain/ 		780 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/outbrain/outbrain.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
00778b7246ce1ad6cbc6085624d78cdeb6c805c67c60113beab05259080b7a25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"30c-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
780
x-cached
MISS
x-amz-cf-id
ERWGmMN20gl-KzqzAlTRRYZyhzYZCATMO2mC2ySajVJRcQkN-GC8_w==
new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 		636 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12503
etag
W/"27c-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
636
x-cached
MISS
x-amz-cf-id
Yzq1LEQBB1AfbU70A4uZRpPa_AGlrOacdYBGGL3kK8ElCaO0PkU8Bg==
446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
www.walla.co.il/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12503
etag
W/"2d69-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
xn63hRfc8fh-8H2pE7M1jsnENcYYUT-7BRvpcLUsQ8Y5fdsPHNh_GQ==
x-cached
MISS
462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
www.walla.co.il/public/ 		309 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f48a26731c5bedb73f2c65bc3537c096ee30acd40dc1dbc52ab9dc0c7300c28f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:59 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12501
etag
W/"4d5fa-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
0oiXZ-ZxmDrtQ2PglL5x7ja5s5XABbAwue2ze4JWP_tK9v_f_b4qCQ==
x-cached
HIT
main_924281c797c0a21852bf_924281c797c0a21852bf_walla.js
www.walla.co.il/public/ 		1 MB
259 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_924281c797c0a21852bf_924281c797c0a21852bf_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
52c6f029fe14eb4a0131517ddb73abbe6cc350e26848f6191569c9c3b1f4baf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12503
etag
W/"11e91e-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
LTYKXayBQy3OPukKcFE6i_KWu0DpF_k2YUOxEZHult1I2zL2WAVb6Q==
x-cached
MISS
29_556abeff572d0b62c092_556abeff572d0b62c092_walla.js
www.walla.co.il/public/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/29_556abeff572d0b62c092_556abeff572d0b62c092_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1e36da77124c1e4d487d41ed4604cb51a1983e6444f3474ea022370aeabbe00e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:59 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12501
etag
W/"33ec-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
sJgT3sqpeoBGbiunm-9j2wP32tRy2fp1GOMGjGb_qoIjQ70D-3DBXg==
x-cached
HIT
homepage_1b6e8bd969196fb61fb6_1b6e8bd969196fb61fb6_walla.js
www.walla.co.il/public/ 		221 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_1b6e8bd969196fb61fb6_1b6e8bd969196fb61fb6_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1b44a17d4e96eb7536bd3293c4ca2865d994a3b6f173aa671bfbe9f8662ef078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12503
etag
W/"37215-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
C_05GS1Q_hgwk9Cw6daQafFmTe0jBbhXX55oX5u8Wk7lMlc4xp9XXg==
x-cached
MISS
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 21 Dec 2022 01:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
380248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 01:30:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		907 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e35aa85514833036e24200de785c47bae867e2d1fc4a2998e876713a650a4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:19 GMT
walla-v2-prod.js
cdn.valuad.cloud/hb/ 		908 KB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
31b7fe34672f874c1bdbc1cbfd84735a07aff08c1b0df1df162a281dc22052f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Mon, 19 Dec 2022 13:38:58 GMT
x-sp-metadata
HS256.CLT6oJ0GEooBCiRmOTdlNDJmNy0yYmJhLTRkNDQtODYxNi1mYzk3ODg3MzUwY2UQ+PLE+NXG+wIaBgik3qCdBiIPMTg1LjIxMy4xNTUuMTYyKLixAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMTZiOTQ0ZTktZDExNy00ZTcxLWEwYWQtMGFlZDJiYzUxODU5GPCoDyIYCAISFGNkczI2My5hbTUuaHdjZG4ubmV0.ewBcfiaFDCvLnPwvkgUhW0P1tEaBYMQU7JD0USPdKJY=
x-amz-request-id
tx0000000000000522f0826-0063a757c7-2b9ea74d-fra1a
etag
"b4e93c760a48491f1d71d088544ada03"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1671966500.dop114.am5.t,1671966500.cds219.am5.hn,1671966500.cds263.am5.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
250992
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 11:08:20 GMT
Content-Encoding
gzip
Age
1235
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
29221
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (frb/6795)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		405 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2411113a71ec049b0133e163d82a3e69f55af1eae955e9aa44988149703a4d3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84935
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Dec 2022 11:08:20 GMT
gtm.js
www.googletagmanager.com/ 		491 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0632ac087f99222f515f300a79283837bf6ab3679bea139a2b3136e2da8fdef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66617
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Dec 2022 11:08:20 GMT
gtm.js
www.googletagmanager.com/ 		122 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0fb8699c39fe9606920c79f29d2e612c35b9cd8c8f1bda2c1ce4317001bb641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47509
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Dec 2022 11:08:20 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Dec 2022 09:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6223
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 25 Dec 2022 11:24:37 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:20 GMT
api.js
www.gstatic.com/readaloud/player/web/api/walla/js/ 		442 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/readaloud/player/web/api/walla/js/api.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23f84cc102c45c28c68a0cec609fab73f15b95f554b3e99efcf46d41450282af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153938
x-xss-protection
0
last-modified
Sun, 18 Dec 2022 09:14:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="speakr"
vary
Accept-Encoding
report-to
{"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 11:12:26 GMT
wallawb.js
cf.dxmcdn.com/dta/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/wallawb.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:800:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
date
Sat, 24 Dec 2022 12:04:58 GMT
last-modified
Sun, 29 May 2022 13:46:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
83003
etag
W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
xaOcwJL70sef6fQW_6e5kxaaAY-pNVPcOUxik3Zs2p4bhJmMw9Hgsg==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 01:01:25 GMT
content-encoding
gzip
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
36415
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
QmER88DdNYRHSGytqLJ1p44yMOYxV-IKxQHL4t9MaMV6BAIosOqPTg==
expires
Mon, 26 Dec 2022 01:01:25 GMT
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"5b6-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
MISS
x-amz-cf-id
1l0cL4FF_1FW5DbSV7SInM6pzFebmdPCAkNYBa4ykC3ZKJNC009ohQ==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12503
etag
W/"2e7-185482799e8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
MISS
x-amz-cf-id
xBj1v67qcrsVR5X54cNwog89QbqSPfMpXZDSWH_98xmNLqyOIZio0A==
zoom.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/zoom.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ed9a1c0a002eebd39ff310d9a7d166a21448676cc03b5546a5bebfbc762b1742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"7e3-18548279dd0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
sDdolve4LiKamSyAKCxeG9ZItlG1jViLWXFNodn0s_hPctX9A2URrw==
x-cached
MISS
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"85c-18548279dd0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
vYx3q_Ab0_Rq2OsqarLfDm7krirtf_KRr57cVnTqWNXTnvEwoGMMdQ==
x-cached
MISS
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"5f6-185482799e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
D75dsBIyBg6i9LVv1KzRKOumHHjJk5OaSwr3pEtpOWOREGG3aIY0Dw==
x-cached
MISS
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12503
etag
W/"e954-185482799e8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
eaE1dGblUPiSYIEyqyVzMXxRMvOPASsj362WRsaXhboNlUTdCoyB-A==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
980122f9717dd855a2e3aff2f0351f0e9674b0c06de00f97a2d2e0f5e81a2c44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
168
date
Sun, 25 Dec 2022 11:08:20 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
2015
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
914
x-served-by
cache-hhn-etou8220067-HHN
x-timer
S1671966500.381710,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 23 Dec 2022 10:34:45 GMT
tag.js
mc.yandex.ru/metrika/ 		211 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
215b87b0d70a1da7c14b724129cfe52c887f672ae2e303fd4572572dcd93efec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 23 Dec 2022 11:05:15 GMT
etag
"63a5613b-11fc5"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73669
expires
Sun, 25 Dec 2022 12:08:20 GMT
outbrain.js
widgets.outbrain.com/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
311198d7679812261f6a89c06edf84e12b53e6430cf53741cd233976aee48b8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:20 GMT
content-encoding
gzip
last-modified
Sun, 25 Dec 2022 08:33:18 GMT
etag
"15-A7FcA/ubAPYZ+sUoQHBM4DPCoKM"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
6ac96c93a9d1c628ca81ed88222aa7d4
timing-allow-origin
*, *
content-length
75268
arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 		475 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"1db-185482799e8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
475
x-cached
MISS
x-amz-cf-id
2A0D4lHhpi-FCOMenGVttMTHHnk5o-aEBmDOgqlBYHzEDXXPE43VXw==
video@2x.webp
www.walla.co.il/public/assets/icons/homepage3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video@2x.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"74c-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1868
x-cached
MISS
x-amz-cf-id
EDKBECdqn-2TJywILVMgm9X4bGCw41xftyDpqxZVqDCIEZxmQMzrZg==
icons-play-live.svg
www.walla.co.il/public/assets/icons/ 		298 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icons-play-live.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"12a-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
298
x-cached
MISS
x-amz-cf-id
ipc5p_WItotP2aljYMHXt50PYBu9McbK6pXsi3su2U9JpBcPBqHyGA==
play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"199-185482799e8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
409
x-cached
MISS
x-amz-cf-id
2mZsHcTWxdr7NjQYe9eIxHAV4KFIEYwTNlLcXcz2VBsC4YTQNPh_7Q==
play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"199-185482799e8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
409
x-cached
MISS
x-amz-cf-id
nqFX6IoLCNBVHKJkozqIfvQI3Gv8jDgrOUSCm7A2Ylx22qKGD11c1Q==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"3bdc-185482799e8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
05QYALWy_-o0eOtyy2nzFSLmUwTBCXcDEH-Xzsc_NE4jOE3MpdQztQ==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"e770-185482799e8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
-XgK2iwoMmR4uiG4Hd5uu3HqaB5WGw-xqa7TDxt7Qo45Mutj5Mkq6A==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"e7c0-185482799e8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
0ZgVtJMujbqNYOmgSo-CgLMzSVOBIErqiiooGu6tO5G5oe_fxdKUKQ==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=BuCBOIDjlFhvDAA4I2&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12036&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=2766&t=jtqHADAGU_HCR3h8vI7d9aBbmZ7P&V=139&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=gIzxTCjmykBCc8O9aOYdkZnphTU&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.222.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-222-86.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:21 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BuCBOIDjlFhvDAA4I2&c=0&V=139&x=YtHpNceUz0z9O&v=A&ml=m&sl=BKk1qI&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.222.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-222-86.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:21 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BuCBOIDjlFhvDAA4I2&c=0&V=139&x=HHrA8SxpAUo1E&v=B&ml=m&sl=CpCBbN&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.222.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-222-86.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:21 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BuCBOIDjlFhvDAA4I2&c=0&V=139&x=muiIa2JehMYYw&v=B&ml=m&sl=BS6ZMJ&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.222.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-222-86.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:21 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame A60E 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
300314
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Sun, 25 Dec 2022 11:08:21 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668B)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-12-25
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2e00:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f42f0de4a342fa5e348271d4972ccbb3d2905c5062d10b8ce774ac57f0599d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
g.fPWVDLd1kZS8XQha90QxlH7cnrmHFM
content-encoding
gzip
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
date
Sat, 24 Dec 2022 14:53:01 GMT
last-modified
Mon, 19 Dec 2022 17:15:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
72922
etag
W/"7c9e793e26e65fd43f6b4e20665f9cef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XVeVwa-i5DHxeqezTvE53im5MP7QEeMXty14DWk_sHC4f-A4j4jpfg==
452_26dc5e427d85df112ddb_26dc5e427d85df112ddb_walla.js
www.walla.co.il/public/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/452_26dc5e427d85df112ddb_26dc5e427d85df112ddb_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_924281c797c0a21852bf_924281c797c0a21852bf_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1305b2f052d8eaa0fa1e83f15dfbe15cb58cdff54c44a3a24daa273e2e523a75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12505
etag
W/"1eaa7-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
B-lt-WdU5t1opXWgc3fSgLfpOauHrmq03zga4R8frXdyNI3OCoXlzg==
x-cached
MISS
PikudInner_bb9f77b480edaf21f1e3_bb9f77b480edaf21f1e3_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_bb9f77b480edaf21f1e3_bb9f77b480edaf21f1e3_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_924281c797c0a21852bf_924281c797c0a21852bf_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
2d4b858c0e7906266e5342c077cb13a45cc546c1c678da9ca63a13a0940a7a7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12505
etag
W/"cfd-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
nZ9g2s9-wstBeOoC-UgrBaEk61bOPk-cu597-izMPrA5W13dv_XA7g==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7721237c91b6adf9644c4c1a3f6bea66a5dfa29853bc9831b138d4f9bfa6687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1431 / 715 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 25 Dec 2022 11:08:22 GMT
3547787
dal.walla.co.il/event/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/event/3547787?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9b82e6d600ee0a50651c809a19ecfe680a8d5716eae446025d66dc9ed31c58f9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:13 GMT
content-encoding
gzip
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
9
x-srkey
d8ed7407eb1a7775ed40041e4a551043
x-cache
Hit from cloudfront
x-cached
HIT
pragma
cache
server
openresty/1.15.8.1
x-speed
0.0487089157
vary
Accept-Encoding
x-hostname
13167cbc5cb1
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
x-ip-x
200.173.50.43, 64.252.81.89
x-ip-r
10.30.22.186
cache-control
max-age=60
x-amz-cf-id
BectARtN3PCkmxzvsb8AfaWObU2JO4JkIAog2CzReNtn3OsBO9iWjw==
expires
Sun, 25 Dec 2022 11:09:00 GMT
985_8f9f43cb2d0d34144d8f_8f9f43cb2d0d34144d8f_walla.js
www.walla.co.il/public/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/985_8f9f43cb2d0d34144d8f_8f9f43cb2d0d34144d8f_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_924281c797c0a21852bf_924281c797c0a21852bf_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c3e2c3a1252dbbb47647b91b7492bf3d6c3dc1d4a332ca14616bf8be075f0593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12504
etag
W/"adb3-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
7CDh3AMn3SkBjy2hwNwyWGJaDHAfkz1QxGJxhDWcIDzEzBhuFKkF8g==
x-cached
MISS
player.html
www.walla.co.il/public/ Frame FE53 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f42ec27f2c6d85ac310093af2b83337569831c813eda706f8aa1f481ce5d0573

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6129
cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 09:26:13 GMT
etag
W/"bd8-185482b89b8"
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-amz-cf-id
llAPb_62OntaJjxfbg3fiFgCfRd2mbyAikywgzXDMLU9vaFdOltdDQ==
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
x-cached
HIT
video.webp
www.walla.co.il/public/assets/icons/homepage3/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12505
etag
W/"3a2-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
930
x-cached
MISS
x-amz-cf-id
ST7kYVX4pZ_AXOrnGQndWDXn298vBVYBcgVzdSp6kqg_TUFOWmcp_A==
626_0d28508a485b0f3e4d71_0d28508a485b0f3e4d71_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/626_0d28508a485b0f3e4d71_0d28508a485b0f3e4d71_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_924281c797c0a21852bf_924281c797c0a21852bf_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
45945e673e9facc8b3292790f069378dc73f3a7d2ee6729d773ae44ddde754ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12505
etag
W/"c3a-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
51bD9a6qF8UnbUQavz4u__2GR_b5zxobgHitg1_kBWhsUWcVHXmk0g==
x-cached
MISS
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:40:00 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12502
etag
W/"46c-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
HIT
x-amz-cf-id
VGAqE-ORJC2mx8yzfuM9DR8_FmjkHEsZJg30Xjb3LcyEAVfZsHUJ5Q==
3421426-46.png
images.wcdn.co.il//3/4/2/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il//3/4/2/1/3421426-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 16:31:18 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
2140624
edge-cache-tag
145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
cache-tag
145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5667
x-served-by
cache-lga21969-LGA
last-modified
Sun, 14 Aug 2022 10:29:39 GMT
server
cloudinary
x-timer
S1669825879.630391,VS0,VE1
etag
"a299b27a337fe5f8cd65385dbd30d509"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
hG9qm7D_4VgjGLHJ_hSHPGVE07rDw3Gn3KKqa9gEMX7NaEVtlanXQA==
x-cache-hits
1
3474561-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_600,t_54/3/4/7/4/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_600,t_54/3/4/7/4/3474561-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
ad6243a9e687a105ae6e5344bff45ec0d98a4495af4638a39093218629dba1ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 19:30:52 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
56250
edge-cache-tag
272300100267532433981977176729224684762,312166661980159595920626296514339805193,d2bce9e04f88d43dd8350e859c701704
cache-tag
272300100267532433981977176729224684762,312166661980159595920626296514339805193,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
25096
x-served-by
cache-lga21956-LGA
last-modified
Sat, 24 Dec 2022 19:30:31 GMT
server
cloudinary
x-timer
S1671910253.552736,VS0,VE38
etag
"1ff35f2411de4022850c137879882d77"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
kPtKN_eArJjcLt-qm3IkjOFucGQLI4uxglFJUtYkI8DgTQ1cr5eglg==
x-cache-hits
0
3474386-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/7/4/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/7/4/3474386-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
da6193e2ac75f943e2a54cb33ff20c864c1e8e8add1f8b951360be6784f027c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 20:45:06 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
51796
edge-cache-tag
164634184323058170521802006389298922943,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
164634184323058170521802006389298922943,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
7380
x-served-by
cache-lga21972-LGA
last-modified
Sat, 24 Dec 2022 20:45:07 GMT
server
cloudinary
x-timer
S1671914707.900867,VS0,VE1
etag
"0d7e45ee2574a22986354d10d3d560e1"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Y1arzRgyK2XnQDxjvlBQhtI05G1qR9MatpiddBxcMTjxe9GBvF3yjw==
x-cache-hits
1
3474492-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/7/4/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/7/4/3474492-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
4cb52ca9c447ce1666eaf80c4d9c3ae0424d87fcc8bccc4fce42da852d92c303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 20:45:06 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
51796
edge-cache-tag
386958659702978495805126324629928757669,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
386958659702978495805126324629928757669,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
7564
x-request-id
afcb8536910a955810685f8e437825be
x-served-by
cache-iad-kiad7000135-IAD
last-modified
Sat, 24 Dec 2022 20:45:07 GMT
server
cloudinary
x-timer
S1671914707.900729,VS0,VE1
etag
"b2c82480327910d7cf86b18382a95146"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
TvMnnSSRez8PfV5yvXvgnJ3iUVWPHgbV3YGRvHMO5F2YCD_glNgo2w==
x-cache-hits
1
3474567-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/7/4/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/7/4/3474567-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
70a48180657ae5025e790b8668d45fe0bba88f0108f15e2a8e023d7a8b40fa89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 20:45:07 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
51795
edge-cache-tag
295561908332310387000369173826953139605,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
295561908332310387000369173826953139605,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
6243
x-request-id
58b418afeedeb11dc99f1569315c817e
x-served-by
cache-iad-kiad7000095-IAD
last-modified
Sat, 24 Dec 2022 20:45:08 GMT
server
cloudinary
x-timer
S1671914707.901909,VS0,VE853
etag
"3e507be5078a044dcd4851058ad24891"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
MZ9OMqr28_-ICEpyvKwK4O6Zdpts4Z9XDAsaWzxv9KQvCTbIX2pLyA==
x-cache-hits
1
3474636-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/4/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/4/3474636-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
63cdf97a31db183a3a1f1688398db5269b234fa608470ae36f6245f9d596ce71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 08:18:07 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
10215
edge-cache-tag
245780781040446798416273320374713482196,100405190877075924057354241558136016486,d2bce9e04f88d43dd8350e859c701704
cache-tag
245780781040446798416273320374713482196,100405190877075924057354241558136016486,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
19022
x-request-id
5718641570c8938bee6f7f53a589abd6
x-served-by
cache-iad-kjyo7100148-IAD
last-modified
Sun, 25 Dec 2022 08:18:08 GMT
server
cloudinary
x-timer
S1671956287.823324,VS0,VE864
etag
"b4d6fe7761cf8fcbdd126261ed30ca5e"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
NsH3akkY2JmkaAlSQ4QeT4v77j9V6G1gHHLtMmO4Xdg_vuAoplVvkQ==
x-cache-hits
1
3474553-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/4/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/4/3474553-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
c3372bad905ea24cdcdb8c700a587c85d4d6662cb37ff9d4802a88226d0e6227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:22:38 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
2743
edge-cache-tag
329992396957433083457289507267758793783,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
329992396957433083457289507267758793783,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
5129
x-request-id
feebd884b4ed4ead6f940c97ef128f73
x-served-by
cache-iad-kjyo7100137-IAD
last-modified
Sun, 25 Dec 2022 10:22:39 GMT
server
cloudinary
x-timer
S1671963759.538441,VS0,VE443
etag
"feb130318f881f2dfdf37bf760dc5433"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
RZrIdWFJBDOP50WfKoyV10J16oyDPeebS0tDES_W1Kr4c11E0EEGlg==
x-cache-hits
0
3180174-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/8/0/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/8/0/3180174-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
9494a2132fd677a63d339a7d69c91efed0d6a2f5e54c2f3297bc39c9fd5e708f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 09:04:28 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
5882634
edge-cache-tag
207038435763734254655447710856476146213,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
207038435763734254655447710856476146213,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
1224
x-served-by
cache-iad-kiad7000036-IAD
last-modified
Wed, 29 Dec 2021 10:00:50 GMT
server
cloudinary
x-timer
S1666083869.719278,VS0,VE3
etag
"54d316cadec9fe422359998ca60de23f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ENCUxJ2K-ASvz1oonu0kBGOwWPESEowj58h3400rrxKULwGynQzjhw==
x-cache-hits
1
3179568-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/3179568-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
64b934c26f040486052e202be223cd7514f770a38a68edb67db123d997895cac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:00:31 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
7628871
edge-cache-tag
294008475302776510052261506874202346181,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
cache-tag
294008475302776510052261506874202346181,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
2649
x-served-by
cache-iad-kjyo7100069-IAD
last-modified
Thu, 30 Dec 2021 10:01:11 GMT
server
cloudinary
x-timer
S1664337632.607388,VS0,VE1
etag
"1f7805fe0a42542e9345fabe325cb9ae"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
7s8OuKI2j2n1s5_B_K9qCGC3lSl5s_gQtQDMSEtPFvIGkNEGpTG7TQ==
x-cache-hits
1
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 25 Dec 2022 11:08:22 GMT
server
Google Frontend
x-cloud-trace-context
293d06f2f2e7c12456afe223b43d8c70
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-request-id
d872d9b5-b41e-4fb0-8d44-0dd7a1ee70ee
x-vad-version
0.9.13

Response headers

date
Sun, 25 Dec 2022 11:08:23 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
a7e128d9da08deea417c25a8a2e338ba
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:22 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Tue, 24 Jan 2023 11:08:22 GMT
3474289-46.mp4
images.wcdn.co.il/q_auto,w_300,t_18/3/4/7/4/ 		542 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://images.wcdn.co.il/q_auto,w_300,t_18/3/4/7/4/3474289-46.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 25 Dec 2022 10:30:41 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
2262
edge-cache-tag
383375437874894369962581497875119697211,337475062601781952787363620968152228896,d2bce9e04f88d43dd8350e859c701704
cache-tag
383375437874894369962581497875119697211,337475062601781952787363620968152228896,d2bce9e04f88d43dd8350e859c701704
status
206 Partial Content
x-cache
Hit from cloudfront
Content-Range
bytes 0-994485/994486
Content-Length
994486
x-request-id
8af865a35495f340cdd25e1a4ce7f3bc
x-ua-compatible
IE=Edge,chrome=1
x-served-by
cache-lga21960-LGA
last-modified
Sun, 25 Dec 2022 10:30:41 GMT
server
cloudinary
x-timer
S1671964227.174279,VS0,VE14037
etag
"a9eade1ccf3f6f1c8ff0aa07d6c8cd1a"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
PtuCG00APvS-SmuOMjJdx2fyrb4cyXLY-jOLWSj1Z0ZUOsUJxPRM8Q==
x-cache-hits
1
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FE53 		372 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:23 GMT
446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
www.walla.co.il/public/ Frame FE53 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12506
etag
W/"2d69-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
6RJSYCuEOXTu0Q41tlHmT0TG8HhHxb3ABrNBIzK1svCje1y8Ijhv-w==
x-cached
MISS
330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
www.walla.co.il/public/ Frame FE53 		698 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e738c53ef449838876fe4764541af72c41a7a77123674f2df73d11872b8e2c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12506
etag
W/"ae7fe-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
2n4l3eEtEYHNgu4u5S9oGrHe6sGsUoMbl0fOD2tzT5BIt_6TdVUPVw==
x-cached
MISS
player_dedd31ca649d0d1e7e30_dedd31ca649d0d1e7e30_walla.js
www.walla.co.il/public/ Frame FE53 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player_dedd31ca649d0d1e7e30_dedd31ca649d0d1e7e30_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e88d0252b17c67a7272d2ef1c8b13481cd964a903996d7100e019b7dcf2117c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:24:51 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12506
etag
W/"768e-185482b89b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
TdzAyIsiuNfqMBqrwAVe4MTtZ8lVslq-669dDQDO7IdMWcNcjxtWJQ==
x-cached
MISS
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2078144377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1261799079&gjid=234296186&cid=777851744.1671966503&tid=UA-4780630-1&_gid=1769622307.1671966503&_r=1&gtm=2wgbu0T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&z=769790383
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 11:08:23 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 25 Dec 2022 11:08:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
AunwTX745a8sicTjSIKTXABpJRqGYxXfWBmrUiNJRpbsiNTpn+D8gSFusxsH3tcxptyNhcynJI7UiaWy51UQIA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3f597277534f079b4b0aa41c31d83d2e137eab8b481b2a5bbebbebf4cb6410b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78990
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Dec 2022 11:08:23 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1245572/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6f45cd4980401fdfe59cb07b2b7eb48d12f48cfc2e2b182789acbd55af59a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
zALgtsE7S9uydvlVAgkrZgr3yyWoIyEq
content-encoding
gzip
via
1.1 varnish
date
Sun, 25 Dec 2022 11:08:23 GMT
x-amz-request-id
16C4DPQXXKB5J77F
age
310
x-cache
HIT
x-amz-replication-status
PENDING
content-length
18207
x-amz-id-2
89MjEwUcpxCA2kC2THbPd18k4AHDtKv1c6dyD95F4ufJLKZOxAiUb4wlK1Cz9r6V+Y6Ti3TBFxY=
x-served-by
cache-hhn-etou8220080-HHN
last-modified
Sun, 25 Dec 2022 11:03:14 GMT
server
AmazonS3
x-timer
S1671966504.604774,VS0,VE0
etag
"65addb6a827e7b8ee64dc7dbb3c042ce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
72
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
12
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2078144377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAACAAI~&jid=1562918841&gjid=299965796&cid=777851744.1671966503&tid=UA-249518521-1&_gid=1769622307.1671966503&_r=1&gtm=2wgbu0KL6PRJM&z=1768842832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75df470c79c76d59f49e328b91b3f106d44d3ed314db8c86a15a0f7dfcd47043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78992
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Dec 2022 11:08:23 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9863.9ETHR2ZWn7PGSqc0COGzuwr_Ym0qtM_b2urpiRRB5KdWEyJ9pA5r-bcfVU5gMx4z.Fc5297JtgqFv4fMVEdDZaDZOS3M%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9863.SfUexd44wxwCjvdDqTZfHkATbQP4HVRfmkxVcWD3T0iWf5FUZoZsuvOUOX2c2_XzvR10olB4tB9P6Qm0Fl5KEAIiR-ssaxiAV5fULLy2pBE%2C.YhDrDtIOQSy4Wg6HlzR0fmvS75w%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9863.SfUexd44wxwCjvdDqTZfHkATbQP4HVRfmkxVcWD3T0iWf5FUZoZsuvOUOX2c2_XzvR10olB4tB9P6Qm0Fl5KEAIiR-ssaxiAV5fULLy2pBE%2C.YhDrDtIOQSy4Wg6HlzR0fmvS75w%2C
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9863.SfUexd44wxwCjvdDqTZfHkATbQP4HVRfmkxVcWD3T0iWf5FUZoZsuvOUOX2c2_XzvR10olB4tB9P6Qm0Fl5KEAIiR-ssaxiAV5fULLy2pBE%2C.YhDrDtIOQSy4Wg6HlzR0fmvS75w%2C
date
Sun, 25 Dec 2022 11:08:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.co.il/
Redirect Chain
  • https://mc.yandex.co.il/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.co.il&token=9863.G9L9wiHhfwBBCGqXyujZIU79XTor7R3z0vznu1bY3QZZGMKgG6kLToB6MlRtUfXs.UqymcntSgXSJN3Qtz2Fy6RV2uF0%2C
  • https://mc.yandex.co.il/sync_cookie_image_decide?token=9863.wt462tTLBZj9I7EfOP8G4RXsA-xipIOYEggSu0yejxeXm18onHGixHZ0oqw04d9aB7LB7Aea-QdPSG3yBtO4vdz2VGhVrr-E1Yx7PLtmbSY%2C.BLt5BuL5VS8huf_7va2y0Hoequ...
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.co.il/sync_cookie_image_decide?token=9863.wt462tTLBZj9I7EfOP8G4RXsA-xipIOYEggSu0yejxeXm18onHGixHZ0oqw04d9aB7LB7Aea-QdPSG3yBtO4vdz2VGhVrr-E1Yx7PLtmbSY%2C.BLt5BuL5VS8huf_7va2y0HoequM%2C
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.co.il/sync_cookie_image_decide?token=9863.wt462tTLBZj9I7EfOP8G4RXsA-xipIOYEggSu0yejxeXm18onHGixHZ0oqw04d9aB7LB7Aea-QdPSG3yBtO4vdz2VGhVrr-E1Yx7PLtmbSY%2C.BLt5BuL5VS8huf_7va2y0HoequM%2C
date
Sun, 25 Dec 2022 11:08:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
settings
syndication.twitter.com/ Frame A60E 		1 KB
734 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=41374092d4acb99d91d0fca749414868f99959e8
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
10fc98318d2b1839f0d1783b5dc616cc96954174df0fd185f49a5a51d6b5e361
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
116
date
Sun, 25 Dec 2022 11:08:23 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Sun, 25 Dec 2022 11:08:23 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
febca6614646bfd0
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
0a8337f19dac033fa17ac80a7e076f4e2b158a6f877e703e7bc6eabc8ff4846c
content-length
413
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=89599&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=20109&sig=tLfmqD0S&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f5947dae9c52affc607cbeb60710afa2d1601de4b9f2e7c1bf89a8817f00453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671966504.937651,VS0,VE108
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21956-LGA, cache-vie6383-VIE
x-traceid
0c1c1b72839be07718dfe43e8baf6f27
accept-ranges
bytes
content-length
1130
expires
Thu, 01 Jan 1970 00:00:00 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:23 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 23 Dec 2022 11:05:15 GMT
etag
"63a5613b-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 25 Dec 2022 12:08:23 GMT
3546959
dal.walla.co.il/event/ 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/event/3546959?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d71e8a076617b0ad9f9b40e0819dd3bd6ebc87ca622ed5faf59edf16a849512

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:13 GMT
content-encoding
gzip
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
10
x-srkey
57c624e6a6243680f0a405e0fa380f45
x-cache
Hit from cloudfront
x-cached
HIT
pragma
cache
server
openresty/1.15.8.1
x-speed
0.1723949909
vary
Accept-Encoding
x-hostname
4cc0c3624e41
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
x-ip-x
24.90.101.237, 64.252.66.31
x-ip-r
10.30.22.186
cache-control
max-age=60
x-amz-cf-id
lw5ATxgi_xvVWLWpai0tLpgc_iXaQPxZ76s0x2B8njHuiXmU4UlhSw==
expires
Sun, 25 Dec 2022 11:08:53 GMT
map-id
ledger.crowdad.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=6b9e854f-3e7c-46d1-98fc-ce7ceffb7a0e&adnxsUserId=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D6b9e854f-3e7c-46d1-98fc-ce7ceffb7a0e%26adnxsUserId%3D%24UID
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=6b9e854f-3e7c-46d1-98fc-ce7ceffb7a0e&adnxsUserId=9066383568577469336
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=6b9e854f-3e7c-46d1-98fc-ce7ceffb7a0e&adnxsUserId=9066383568577469336
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
34.252.9.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-9-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
content-length
0

Redirect headers

Date
Sun, 25 Dec 2022 11:08:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
014f519d-de1d-480f-8024-3fe03b03f8ab
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=6b9e854f-3e7c-46d1-98fc-ce7ceffb7a0e&adnxsUserId=9066383568577469336
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:57 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12506
etag
W/"558e-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
fGmQCnAsZp7YFs55PC-AFOSuwaHf0yPbhaSJQKvToIfJrYXWPTWBGg==
3474289-46.mp4
images.wcdn.co.il/q_auto,w_300,t_18/3/4/7/4/ 		11 KB
12 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.wcdn.co.il/q_auto,w_300,t_18/3/4/7/4/3474289-46.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
fa069b65a5576e64c37ea1efeceb760256bdf3078aa872d5aa2c0c26e1333554

Request headers

Referer
https://www.walla.co.il/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=983040-

Response headers

date
Sun, 25 Dec 2022 10:30:41 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
2262
edge-cache-tag
383375437874894369962581497875119697211,337475062601781952787363620968152228896,d2bce9e04f88d43dd8350e859c701704
cache-tag
383375437874894369962581497875119697211,337475062601781952787363620968152228896,d2bce9e04f88d43dd8350e859c701704
status
206 Partial Content
x-cache
Hit from cloudfront
Content-Range
bytes 983040-994485/994486
Content-Length
11446
x-request-id
8af865a35495f340cdd25e1a4ce7f3bc
x-ua-compatible
IE=Edge,chrome=1
x-served-by
cache-lga21960-LGA
last-modified
Sun, 25 Dec 2022 10:30:41 GMT
server
cloudinary
x-timer
S1671964227.174279,VS0,VE14037
etag
"a9eade1ccf3f6f1c8ff0aa07d6c8cd1a"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
RX1U2dH9nEoVYmTHExMrhCtY0ETdIW-j54VBxyctmYcAk3T_R3lG7w==
x-cache-hits
1
handshakes
khn.crowdad.io/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.92.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Sun, 25 Dec 2022 11:08:24 GMT
access-control-allow-credentials
true
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4780630-1&cid=777851744.1671966503&jid=1261799079&gjid=234296186&_gid=1769622307.1671966503&_u=aEBAAEAAEAAAACAAI~&z=2126612847
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 25 Dec 2022 11:08:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
handshakes
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.92.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Sun, 25 Dec 2022 11:08:24 GMT
1616785908557850
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74c7fc8a91ccbd41a67db3d66c8b10c9fe8b533015febb0dd9431e4d547eedde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Dec 2022 11:08:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86269
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
1SjVgjwlQnLxw9x0yzj0iA1Z0vIv1jt62BBOY5eqvxABnmGrFN2r1NdsMHHbOF9OLCjsPbkNHo1C0dxnz8m4Iw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=98795
accept-ranges
bytes
content-length
82748
expires
Mon, 26 Dec 2022 14:34:59 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84da8714ed2dc7517b5f011504350ec999762f66d7a4bb7ea5f1a7aaa1226ccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
77f11e5b1f6c90c4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221225
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297f9ba17399952c1c714755f4e3a2b00b4ca7a911cf24533c26a3039b323700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25658
x-jsd-version
1.0.1566
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4538-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-Za0NOhqUsqdyNOVkqe6n6NFrtgU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhMZZiVA89ykMQ2Grf9n3uhKMNvS%2Fe5nD%2Fv97Y6huB%2B4AISDKTGq0KtYf4vIP%2Bp%2FcS1IwiIBPXS3SmeO5U6TLSLCWVDTJw6zCvWgFZSHR3KfFZJdRlk8rSVx9I6wUrhzfD4VX8nLeuCtdQ7daps%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77f11e5af8299046-FRA
localstore.js
script.4dex.io/ 		483 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 11:08:24 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
67032
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH%2FaVifrn%2B0doasXxV70t%2FrKSSjTpOmr8L3w91wUFlkctLI2f4eptpW%2F8%2BOGXSevJwVVj8dFFZRiipaQkCvP8QumhrO4ovBhlgrYLHL9gHr7LhDJoagifNXR7GeDjCiPJJpQkM%2FPE4yqLPdl"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
77f11e5af8375c80-FRA
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Sun, 25 Dec 2022 11:08:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
u.openx.net/w/1.0/ 		72 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=00fe148b-4b10-417d-8b98-fb3b5cfbb80c%2C173b1bcc-fcff-4e13-a3c1-bdd2c9c1788a%2C947b9e0f-19d8-499b-9774-b22e943f1522%2Cfee19cfe-ba86-4403-965b-46a5a3c47bdd&nocache=1671966503874&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-6&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f71e15ebacccee8679e15161ad92cb00bfb35e6deb02c8f77a08be952ab079a7

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f28943825ea1d72934cb8d4352b65c85956dee7957436e05efb26e3525f31658
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:23 GMT
AN-X-Request-Uuid
6e110a1b-e206-4b44-8927-843ad8ed2927
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
472
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
77f11e5affcf2ba2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
77f11e5affd12ba2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
77f11e5affd22ba2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
77f11e5affd32ba2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
06eb7c9cf2661fe4b8469b92be4a92fa31ae0c08c90256f6566182d620ff8f15

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.walla.co.il
Date
Sun, 25 Dec 2022 11:08:24 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:23 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:23 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:23 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:23 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=00fe148b-4b10-417d-8b98-fb3b5cfbb80c&l_pb_bid_id=3350d30b3a30467&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.5363325038969338
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ba12e4451c4f081743550469041d8e90401fa12aae6f6032ce944f39a1fa744a

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		402 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=173b1bcc-fcff-4e13-a3c1-bdd2c9c1788a&l_pb_bid_id=34b8f63500aeae6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.9569117397442648
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bca1f5f1e4bd09b0b47ad83142cbd83154ce3e56c578c1b513a484b244777029

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
402
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		398 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.29.3&x_source.tid=947b9e0f-19d8-499b-9774-b22e943f1522&l_pb_bid_id=357f55b92ee1e65&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.14794484917857798
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fbd18c89877a8f89947d61c57ad9b01be67251ea3d1b88e3f89edcafc963ea66

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		409 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=fee19cfe-ba86-4403-965b-46a5a3c47bdd&l_pb_bid_id=36a4e284c682d64&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.08772418243986602
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7fb40cd83a36a21cd5a458899304a641711da0cf9498fafd1f15b9823165e24b

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
409
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-159-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:24 GMT
AN-X-Request-Uuid
32e6af48-2b6e-4469-8fba-dd0bdc0729f3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2bca6ea3585ca623afd22764a22989ede09fbd4494fc36536d232a90733ae8e6

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 25 Dec 2022 11:08:24 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		892 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
dee96485eabec82dbc9ac45d71af325e01eed508532ef7489a2d10dc171e7e4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
77
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
892
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2260b3b0929c89923%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22domain%22%3A%22walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2261ca38f1b0d8327%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%2263893d39014fd67%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%226484a0899c7f65%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%7D%7D%2C%7B%22id%22%3A%22652b34a24d52287%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e832dff1b5cf72365eb7021c2213f93fc47a0ddca3bc5cd5ebeb0c1b6701c10f

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ipu7ymQWQvjYveGCPozEgVQFwiESTwd3EZfv2Dlfh%2FrKOgQGF1VZi6xbbOrPxArgZCirgl335%2FAUZROYjIWw%2BQH0gv%2F%2BYN3z72DvTjFPOMn01Xj7%2Fc3iRmQRau1VKjGnqAxUEdj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77f11e5bce388ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.88.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-88-238.compute-1.amazonaws.com
Software
/
Resource Hash
aa4075ac0bf01b9d1951136464d888cfa1c6f26ae888f9c948d15e49652d4844

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.walla.co.il
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/ 		114 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8238c71a4eaa478365b5ade43d40246b88634330b567e0cb1f6782fd101011de

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 25 Dec 2022 11:08:24 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
77f11e5b1ac79b9a-FRA
expires
0
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=524916071
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 11:08:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1243182036642193&correlator=4057152721561463&eid=31071159%2C44777629&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403616%2C581680297%2C3350566118%2C627877340%2C4035892786%2C2413266993%2C3423946703%2C941261747%2C3384287594%2C2655517678%2C199863102%2C41169729%2C2603141497&sfv=1-0-40&ists=4095&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1671966504004&lmt=1671966504&dlt=1671966499459&idt=713&adxs=200%2C920%2C200%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C1192%2C3541%2C12079%2C12079%2C12079%2C12079%2C12079%2C12079%2C12079%2C12079%2C12079%2C12079%2C12079%2C12079&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C864x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C864%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=777851744.1671966503&ga_sid=1671966504&ga_hid=2078144377&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64583de6c1973923e826f10067145e42149630a4a5784b6c7d30f0a03ce56d59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17877
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-2,-2,38284305,-2,-2,-2,-2,-2,-2,-2,-2,38240625,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-2,-2,68907848985,-2,-2,-2,-2,-2,-2,-2,-2,68907848985,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 019E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:24 GMT
expires
Mon, 25 Dec 2023 11:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
3474554-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/3474554-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
9cf2b5f927acff163effd6ef1ee5bc782dd52d602bdf6b166e24be81069154a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:21:15 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
13629
edge-cache-tag
212494676044251783972494825598344504543,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
cache-tag
212494676044251783972494825598344504543,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
2916
x-request-id
5876315349a8efd340ddc326f4d2bdc0
x-served-by
cache-lga21956-LGA
last-modified
Sun, 25 Dec 2022 07:21:16 GMT
server
cloudinary
x-timer
S1671952875.792897,VS0,VE557
etag
"17403b0a32d2510fe80050a914c7c211"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
g7wTsAom2cjCZQAh20S_qkJs5ztlxspexkADWn_TyKAaXqpAbW2Xvw==
x-cache-hits
0
3449691-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/4/9/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/4/9/3449691-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-14.muc50.r.cloudfront.net
Software
cloudinary /
Resource Hash
e122c3ab4bf481fa8edcd41987d5f9b3607360745dff98e2a9388ff03383e7c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:21:15 GMT
via
1.1 varnish, 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
13629
edge-cache-tag
408055166182470345799289950465868795619,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
cache-tag
408055166182470345799289950465868795619,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4152
x-request-id
a580e9f0831c39845b3f9b76e05beec4
x-served-by
cache-lga21949-LGA
last-modified
Sun, 25 Dec 2022 07:21:16 GMT
server
cloudinary
x-timer
S1671952875.227251,VS0,VE634
etag
"0b525a720c75ca0b7d9ba988659ebd3f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ctaq1Ah8XsjBdkRGPP-oNKCDczyZcGo8e-kDf-KNY--pNv1XVRmAMg==
x-cache-hits
0
play.svg
www.walla.co.il/public/assets/icons/ 		359 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/play.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
daa21d896f1bb4d044779b10b38fd7793654c8b214908be7ae812dbff9f083d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12506
etag
W/"167-18548279dd0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
359
x-cached
MISS
x-amz-cf-id
i9FtGdPCmHgFujTw9C2LXGaOZDM72b5epCPfsrRUoxzuovpJ6rgY1Q==
json
trc.taboola.com/1245572/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1245572/trc/3/json?tim=1671966504229&data=%7B%22id%22%3A734%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1671966504190%2C%22cv%22%3A%2220221222-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drtbee-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1671966504228%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A9%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b191ac38b2566e66ed358a2bbf86cab02f95257571bf2ba354d5a777140232ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220080-HHN
server
nginx
x-timer
S1671966504.427861,VS0,VE14
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=777851744.1671966503&jid=1261799079&_u=aEBAAEAAEAAAACAAI~&z=2129237019
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=777851744.1671966503&jid=1261799079&_u=aEBAAEAAEAAAACAAI~&z=2129237019
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oebu0&_p=2078144377&cid=777851744.1671966503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671966504&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L30GH6X3WK&gtm=2oebu0&_p=2078144377&cid=777851744.1671966503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671966504&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1671966504467&cv=9&fst=1671966504467&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44afc870d7276d6452cf6939d71bac20c61a1869aa28832bb555703187513bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
981
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=3d03c3e9074839d3f436b0adb2fdee4d_1769_1671966503991&tm=1715&eT=6&wRV=20109&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:25 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
99084957c8c9d0018991adf48b20e9d6
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=28224&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=M2QwM2MzZTkwNzQ4MzlkM2Y0MzZiMGFkYjJmZGVlNGQ=&adblck=false&abwl=false&px=209&py=1207&vpd=7&cw=282&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=20109&sig=tLfmqD0S&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d4feea9ed002616d87e55cfc61a07f6873b4dea8c6a6f3ad68cfd691427f3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 25 Dec 2022 11:08:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671966505.607072,VS0,VE122
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21952-LGA, cache-vie6383-VIE
x-traceid
9908b625c2646dad44733baff6b184f7
accept-ranges
bytes
content-length
3820
expires
Thu, 01 Jan 1970 00:00:00 GMT
walla.json
www.walla.co.il/public/player-config/ Frame FE53 		111 B
481 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_dedd31ca649d0d1e7e30_dedd31ca649d0d1e7e30_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-35.ams1.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Flive.wcdn.co.il%2Fnews%2Fprog_index.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:39:58 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Dec 2022 07:20:33 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
AMS1-C1
age
12506
etag
W/"6f-185482799e8"
x-cache
Hit from cloudfront
content-type
application/json; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
111
x-cached
MISS
x-amz-cf-id
kfRs-xE3H1J50ESZkxcjtAvYygMVHY9M-Jsnvjlv2hkGqACBzNv8gg==
170717926997655
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
57d72a447554a1e6d90171f0c80dbc94f19c4682384102bcbcc5a5cdb4ea4ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Dec 2022 11:08:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86210
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
DsVxdJO83oog3xYU/RoNkiBJR/oDOv1rdo7BsmJo90aYhqY46sZG+WEbYqO8fPEklOpzAlQLnZVy8iDP5I/3qQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1671966504692&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1671966504690.2075383010&it=1671966503753&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 25 Dec 2022 11:08:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-request-id
70a59698-6e8b-4ec1-a56a-c31082956106
x-vad-version
0.9.13

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
fea741078511ac8f8ebd7385ea2fb7ea
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1243182036642193&correlator=2462366280910280&eid=31071159%2C44777629&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2273020712%2C1194681899%2C1073900268%2C2033830820&sfv=1-0-40&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D90081f2e364a0a8%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D87e0efdae2065b4%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D88e2b2f13677746%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D89f188d3e7abf24&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1671966504780&lmt=1671966504&dlt=1671966499459&idt=713&adxs=1480%2C200%2C200%2C200&adys=290%2C1232%2C1252%2C1272&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C15%7C16%7C17&ucis=h%7Ci%7Cj%7Ck&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&ga_vid=777851744.1671966503&ga_sid=1671966504&ga_hid=2078144377&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ed9687bbd4c0032c792b2edc2583868dc4b8af91e7adb1f6266c34cd59216b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22361
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 11:08:24 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NB9TPTTJ7K4TEC83
Age
177564
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
xztyPZwGgJn0sD9o3QVLOzKKg7V8FiR6zvSSuMY6lcsF5SxoV/ytZi+T8sTBdgOeCm6b97XZQ1c=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCW8NFPBeUVq%2FZq%2FBnU0n3sT8KZyCEqU%2FGeECvHbbPZk8SRfAVmJuufSShoBhZancJHcHKKanqiJpu2W%2BRV1xdVP30MX%2Fj4Kavkr%2BPGRb7SC9zxiNsR%2Fr8uTJJG2%2BphJiqokVN0ErpSaNYk7"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
77f11e5f6995994b-FRA
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
2574290
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
77f11e5f5ccc90c4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
1
mc.yandex.com/watch/91804681/
Redirect Chain
  • https://mc.yandex.com/watch/91804681?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A2255%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
  • https://mc.yandex.com/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A2255%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
435 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A2255%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A354277978640%3Ahid%3A251923799%3Az%3A0%3Ai%3A20221225110823%3Aet%3A1671966503%3Ac%3A1%3Arn%3A409430070%3Arqn%3A1%3Au%3A16719665031048893011%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A65%2C39%2C18%2C46%2C1332%2C0%2C%2C1080%2C0%2C%2C%2C%2C2581%3Aco%3A0%3Acpf%3A1%3Ans%3A1671966498001%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671966505%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94%21%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
13a90071ba0da543250344a8bba1ecb4b1c6597c17af39bc501186b4662b3126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 25-Dec-2022 11:08:25 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Sun, 25-Dec-2022 11:08:25 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:24 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 25-Dec-2022 11:08:24 GMT
location
/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A2255%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A354277978640%3Ahid%3A251923799%3Az%3A0%3Ai%3A20221225110823%3Aet%3A1671966503%3Ac%3A1%3Arn%3A409430070%3Arqn%3A1%3Au%3A16719665031048893011%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A65%2C39%2C18%2C46%2C1332%2C0%2C%2C1080%2C0%2C%2C%2C%2C2581%3Aco%3A0%3Acpf%3A1%3Ans%3A1671966498001%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671966505%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94%21%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://www.walla.co.il
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 25-Dec-2022 11:08:24 GMT
container.html
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A386 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:24 GMT
expires
Mon, 25 Dec 2023 11:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8FAE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:24 GMT
expires
Mon, 25 Dec 2023 11:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C14 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:24 GMT
expires
Mon, 25 Dec 2023 11:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A7AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:24 GMT
expires
Mon, 25 Dec 2023 11:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Tue, 24 Jan 2023 11:08:25 GMT
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Tue, 24 Jan 2023 11:08:25 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=cde82d69137249ea6b472f5da7929c87_1769_1671966504672&tm=2171&eT=0&widgetWidth=282&widgetHeight=36&widgetX=209&widgetY=1578&wRV=20109&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=431&oo=true&lo=2595&odbreq=6563&odbres=6994&cet=4g&to=1671966498001&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:25 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
ca8d52be7d781f7850ef63c64c504257
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/20109/module/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/20109/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c24bad101be9ecf42509350febb31dbe8667ba81748ca4bbe715eb14c62bceab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
content-encoding
gzip
last-modified
Sun, 25 Dec 2022 08:31:29 GMT
server
AkamaiNetStorage
etag
"22a52c965abe861f656e4e34ed511cc7:1671959046.256419"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13299
expires
Sun, 01 Jan 2023 11:08:25 GMT
get
odb.outbrain.com/utils/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=64996&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=M2QwM2MzZTkwNzQ4MzlkM2Y0MzZiMGFkYjJmZGVlNGQ=&adblck=false&abwl=false&px=536&py=5391&vpd=4191&cw=864&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=20109&sig=tLfmqD0S&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ca1b1c00c579b1e430a90337575300f7d2301d71998c99f300f496b5e0c5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 25 Dec 2022 11:08:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671966505.053201,VS0,VE408
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13625-LGA, cache-vie6383-VIE
x-traceid
a9a0cc42b2c908b4ae3cbb30cd7c18b7
accept-ranges
bytes
content-length
11262
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 25 Dec 2022 11:08:24 GMT
server
Google Frontend
x-cloud-trace-context
d5e04fe526bb05306ffda8b4ec00f7b3
x-request-id
undefined
truncated
/ Frame FE53 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9863.thj3HIbykKivHvKAdHVppNhWR2V1Dp16yn-adMtQMEMUIxYMsUJeO3K2qBGUbskQ.nUxDYEERKU6jATrfAX0nKqe5t5M%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9863.uF74BTStl-KLrJxNt_nXMDvKMLDUvyq_qb-1fRTBcusHfIipjvMIBYqoxsrUu3bSctKv8xtMTjJb_73VRR8kNFTGKnlf5Nr7XrQnfc6g_tM%2C.onBbtqqhB0k_3AaoNo...
43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9863.uF74BTStl-KLrJxNt_nXMDvKMLDUvyq_qb-1fRTBcusHfIipjvMIBYqoxsrUu3bSctKv8xtMTjJb_73VRR8kNFTGKnlf5Nr7XrQnfc6g_tM%2C.onBbtqqhB0k_3AaoNoizRWgCyqA%2C
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9863.uF74BTStl-KLrJxNt_nXMDvKMLDUvyq_qb-1fRTBcusHfIipjvMIBYqoxsrUu3bSctKv8xtMTjJb_73VRR8kNFTGKnlf5Nr7XrQnfc6g_tM%2C.onBbtqqhB0k_3AaoNoizRWgCyqA%2C
date
Sun, 25 Dec 2022 11:08:25 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide_secondary
mc.yandex.co.il/
Redirect Chain
  • https://mc.yandex.co.il/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.co.il&token=9863.hPmVCB_Oh2Z-kEjG5EAuatldUJxXmvVaqVSgHfZGJycfShhKW239yBepjWUNwt1-.52tRhi230AWYbxu-Fc27JUhQ13U%2C
  • https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9863.7xOUgAj6uf-hKLLlEjrfrKZSVu-5nGhpU7KllIwEac-lMizGCGu1ayZFm6DWzSsEDK8Q9CFzm9lcZWOymf4-PPukOcfk9ykeVngUCBfSHiU%2C._fmjPXoxBvi2DDyM...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9863.7xOUgAj6uf-hKLLlEjrfrKZSVu-5nGhpU7KllIwEac-lMizGCGu1ayZFm6DWzSsEDK8Q9CFzm9lcZWOymf4-PPukOcfk9ykeVngUCBfSHiU%2C._fmjPXoxBvi2DDyMVq-09UN05xU%2C
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9863.7xOUgAj6uf-hKLLlEjrfrKZSVu-5nGhpU7KllIwEac-lMizGCGu1ayZFm6DWzSsEDK8Q9CFzm9lcZWOymf4-PPukOcfk9ykeVngUCBfSHiU%2C._fmjPXoxBvi2DDyMVq-09UN05xU%2C
date
Sun, 25 Dec 2022 11:08:25 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
bd50880d-a7e6-492e-b85b-d715ab7e0981
https://www.walla.co.il/ Frame FE53 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/bd50880d-a7e6-492e-b85b-d715ab7e0981
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
prog_index.m3u8
live.wcdn.co.il/news/ Frame FE53 		419 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.wcdn.co.il/news/prog_index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.130.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-130-109.kix56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dae24f1e957c8168b84dfb1c52ccc3558f79fdf62a79de2891a1c6d979448ca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
via
1.1 e06dfcdb8abf82709b7aa659a8d098ce.cloudfront.net (CloudFront)
x-amz-meta-user-agent-id
news-ftp-user@s-91b1139c587448219
x-amz-cf-pop
KIX56-C1
x-cache
Miss from cloudfront
content-length
419
x-amz-expiration
expiry-date="Tue, 27 Dec 2022 00:00:00 GMT", rule-id="expire_old_segments"
last-modified
Sun, 25 Dec 2022 11:08:24 GMT
server
AmazonS3
etag
"b324b2d95bcc074d8b7e4f05dc6fcef9"
x-amz-meta-user-agent
AWSTransfer
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
rzqTc3-FL-Y6FyhbXspqihtBD-hi87U1Jzm1lj7Q-iaC4ocLUWGteQ==
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame F93C 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
381308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:13:17 GMT
expires
Thu, 21 Dec 2023 01:13:17 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame FE53 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:08:26 GMT
integrator.js
adservice.google.com/adsid/ Frame FE53 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
get
mv.outbrain.com/Multivac/api/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=20109&apv=false&sig=tLfmqD0S&format=html&rand=46142&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=M2QwM2MzZTkwNzQ4MzlkM2Y0MzZiMGFkYjJmZGVlNGQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=4&lastCardIdx=0&fAB=11731-42692&layeredTestInfo=11731-42692-&dpr=1&cw=282&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/20109/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef75a90242e932b208657ba3acac84886c2dafe538ffc16696204c111e97584f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 25 Dec 2022 11:08:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671966505.483064,VS0,VE416
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13628-LGA, cache-vie6383-VIE
x-traceid
e2c8a2123b68f94fe2205744925a38ac
accept-ranges
bytes
content-length
8612
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1671966505459&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1671966504690.2075383010&it=1671966503753&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 25 Dec 2022 11:08:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
container.html
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBC2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:24 GMT
expires
Mon, 25 Dec 2023 11:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D8B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:24 GMT
expires
Mon, 25 Dec 2023 11:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:24 GMT
expires
Mon, 25 Dec 2023 11:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3A2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:24 GMT
expires
Mon, 25 Dec 2023 11:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4fb76a5f-5aae-410d-9796-0e2c6e69b538
https://www.walla.co.il/ Frame FE53 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/4fb76a5f-5aae-410d-9796-0e2c6e69b538
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
5872
Content-Type
application/javascript
d3baa2c9-1684-4954-bce3-6562108426e2
https://www.walla.co.il/ Frame FE53 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/d3baa2c9-1684-4954-bce3-6562108426e2
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35dc98d4d5d230542ea1fbbef4e1632155545e01ffbe261346e0254a8620100c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
60e24a25-2e1d-442c-9b97-06ae45098dc6
https://www.walla.co.il/ Frame FE53 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/60e24a25-2e1d-442c-9b97-06ae45098dc6
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35dc98d4d5d230542ea1fbbef4e1632155545e01ffbe261346e0254a8620100c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
drop_cookie_sw.php
csync.smilewanted.com/ Frame C0C5 		0
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e654d7d90c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:25 GMT
server
cloudflare
vary
Accept-Encoding
events
khn.crowdad.io/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.92.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Sun, 25 Dec 2022 11:08:25 GMT
access-control-allow-credentials
true
content-length
0
events
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.92.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Sun, 25 Dec 2022 11:08:25 GMT
/
www.facebook.com/tr/ Frame 3B87 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:25 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A7AE 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
71592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame A7AE
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstPyR-2UHh4z_-EzCNNZLhBCPA_9PhHNepxGQ3i0aa8MCnSQ8vhRcwIUg7LFo6KsSdRpwlpK3UgmZ6u21H2LxBdNF9rslciw-PmEdQuP4LRxXHBiX7QzvrWPYukmFLkr-xVE5ZsC...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:58:36 GMT
x-content-type-options
nosniff
age
227391
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Dec 2023 19:58:36 GMT

Redirect headers

date
Sat, 24 Dec 2022 19:12:04 GMT
x-content-type-options
nosniff
server
cafe
age
57382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 19:12:04 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4C14 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
71592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 4C14
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuKufzzD-2c92kzEH5XJuWZBM7CQSEKqnt1hDNusbIeOj-JRnwZ0E-QIOHMlThCC24fH1G0J-1y5R9Jhdq-F6Z5MhJftxzkpj_TqxXxMJp_aRZBm6gVx1Qe5aNvb1Uh3YU6Fac7B...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:58:36 GMT
x-content-type-options
nosniff
age
227391
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Dec 2023 19:58:36 GMT

Redirect headers

date
Sat, 24 Dec 2022 19:12:04 GMT
x-content-type-options
nosniff
server
cafe
age
57382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 19:12:04 GMT
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1671966504467&cv=9&fst=1671966000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=3991406306&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1671966504467&cv=9&fst=1671966000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=3991406306&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0BC4 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnbfp2wEwAQ&v=APEucNXvTnSqUcLUUvTNOZAqusX622gnBblnQgzdd9YhbynYHYj5wPvKZr3lu0U13msm_n-d1yTvtJfmcbdMOkZamCbMksILwSAWD6Lm_pa01fZlhGM5eX4NrGawaqIpRXxEZtnFFTvASSOGrkqXRjZPkzzmyqU6gdpf0aaYZjjkXsxlSwHFJP4
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:25 GMT
expires
Sun, 25 Dec 2022 11:08:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A386 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxWr2bZrJ_KsnPD1HZ2Uaq_g4R2UC4W2BSyH_KSZyDFe6jfBCF2xRgyHyQwV_MO_ssqpC85NmXg0av6azjjYllxwFtLA&cry=1&dbm_d=AKAmf-D-aYOEr0yfiCSJNp6gkUfP1vwRnrCrbVceeUJ_g6jlxKmFLTwPzO9muicCUvOy1atWiaX6cn2oFPY1qoGE5paivKHBQksU_QXw82884CXINBtQwGXRLBmFH1WHydjdYDuYdMcfDU2qwq8iD5AOCQZSHLnjRLxT3zQqkk41SBHRD0OPYASoB01SJd9FK4_sSYFctgQjzqH7qPBX0R0kUVkuE2oF-YohPvgbCgspQUwo3KiJQNxrHVGZL15PAbm00zh2zSUYpFLYFhKOnSCJ5itC3DHPIod6Jn3Ce7bwrfUyctvHMlrl7rdFtWMJu9tEHW5lxPKYkMWSj60cb3WxTvH3lV9pSAk-pZrbd9Xf36m5wdQjpGI4NP6YdCFnWoMHIelvRwE6o_mMzkHRkkdn8gV7CnAZvSwmw_hgBrW34au8Y2eaZ32wSh7nwmM-TetaDh6PBXlxEZCLuL-CAKPgonyCOaiztv7Uvnw_IZT-I3Yg-R2hPMagfwJn2iojCwD2Vatf-d20qyzxzxYJTAqOINL8YxFiPuxOhQQs7Dxk3c-97b2dJBo8JsbUab48vsFTdMKJmqmo1uflT7jFKsyeFaGnvOZvVqYK04PzAJHO8d-RQrSgtqdwGQ8vrIxVSXS_BRFVVwNtIBuuQDVqI6XSWpPuOw5IQf367tblvETi7IG28l_tZx5nsCXJ5Mq8RzYQx6Jcs3_vFe8kF5O8WZTSfHx3eJ_XOWzCz3-5nK0cqumZ6YqiNYPYq33lk40fQRhzK8hvmfjvOmIdIwvdeLPLTvF5fYvtjdzHNUMtdfghdVaqLXxo68VNP83Fz_UrOWotbAwEyP-3_BF7AGGWZ7bBcKZZi3o6DZO46yS-0dmWswHubrE3i_VoXmsJuM6dNygWG_kd_DgT3esSjNReV9PYLNjJt7r96ONTWMBKZMRCT6-Log2lLge-MvfbLL_lGHy1KEhjx61HaspkD49Uasem458TFjb_WeyB79Zd1C-cGILR_yK3NzPnRY2r6Qowm-Kezq_OFVCpp1k1u3FJC9e0MPzeJquUQZ-zmvZ51hApFyr7j1lmrnQThqtDwvQ_NsVE9DmWQoy_ljbjz0Zyx2Jhqr0UzwV7BJLK62Qqx6bHBQmHLnI9LvGxZyfjDEaKyywp_KMuJNO9e-NXmRhToFyuIFQJTHPDwy2rkN7c42bW8ad7D2aW5Mh_k7O6xSGjcQEiiuLJHhJ6apBQFuaJ-S10Da7nKNyd7DrmMbn5OjjUbuZNv-OsyFMysBAPIHv2W6JYOcInzmhYkfZXhlCfaeQ_8dlnJxP4K0snJtGllFfAFGoCC3s-4WWfIF-vov-AjmYx6sRjZdx_VEsgGlbnX_l4XTUayoN5Q0un5vZZCcVLn8cflLLhl5vyjB6aET76-_IhQ5fBleJ5SkApiV-yzzfAxhLboQ3VLF_SwVeRGNuqO-daBnHNKFtVDshCAzllANe0zdzyo_sMlHQXFAuy3CS1SvL4RW16aaN8zsJImwgdskzDUg31Rto40KvEXt1ak39A44CgYIxvAHaJw9MccsNOzWhWTAyhN1n7QEIRZLXumVnXlRLM0Vg4LoHcPgPp8DwsyI_b30xQLr9s-W37G_CIC3u00wjH9uUuZu1RV63GSqYUC6fsfAJCFFibhf6b7YIUN1G6qnLMfhipXdYNPm3ljyD_r0KHNfLbhpep073C5mvvm21A-uQnbL6OpJvNvq_pR2kOIU9_rxS3eXdGZPPke3A6STBRKWIxhq4M8b6M4TCe47ORUZxkZQwQNnySB8pQ2DjRhdViBIbIIYUMXWl_x0LiZMSAldY6VSCwYA-F7FzqnPW2UjlyweM_c_NLSm1GKl0TehVlir0Jk6s5c09Z6ylprrVd0vyPIgd7sHAGV0-OssNa5hX9YLTZsugcsuziEshdUTMIPCvaMy4EmqDEzZlCtgwUwXD5dlYx1NXZwGvCrBSS46XOLloGUHsQQiroOZxD5XouI199SW11aY5gYc4H_dmxaMPvgkeb-6Ex9VqRcHRFc4YMFWPrGjVczfN3S9JEiG5Txlu3ykqw3NxkaOROvNP_l-SRiqKLDO7ZNQyDW1DTqvwNoTulWvNd3a2HV-fuD--zUhJa6te_qua2jqbxT-CESiVhC2vSaJpsjGtDjgkEWZHqCLCp0Wkem6-azEkvRTkdNkhr7QAVbV4SLMjgmoMKHZvt25yb22piyqMLkn2Hoy2z7IHDHktiUEDAbWUJ4RI2maeodFaa3ECb3Fdt9G2W5sb0lpg95kOsd9UR1q2cjb_nVLeteW-rb81FfDMahHWHzlPcHRwxEjCPHGaensRKFp-9_oJ5EUKpPxG8cNxneQQY2yt-En09O_N_pSO7qPboitWiU3G0r3zA2unUhWrC4X6lprWHxPaT8kX_BZCy-_b6nfS0s-IHO_KhEHfjq7wbsNthik9xgv14AlkchJleX5KuxMPDTzbIg-ih4fMKwdRF4H3RLk8W0EMl4suclV8kH8PakPthffPE4Im11xww3BTF74RFfyVxyZWZK3q4jr2ZDNIEyp1dBl5dXfEWMlFEXCS0r97tEzzi5-jw3zp8AXuSFPJDaulKQxf1cl-qzcJY8x8-VjUHXxhPYG4c6SiH0jTS9THd5aXMSaXL2SnVLz2_pbj3Rq1uuF81HWGYJ4WgFHU3_ytRnBRxoSWCWDa_HLmRlNutwDmzEwN16R8oIYHiKfVUmgHuKZcw3et-qPYcmroVTuuFZkKzcXV-So8kNDOWG5jmES38RRxUrtM79qFLhPLTdVozjG0FYjmjcmc5wOkuVbLgYyocVBQo1_TuwUTpMXgFdLOx0LIVploPvUcggtP4liGMd-Jl6P18PeTDs_3EiDn8gw-OG3wtjRlCjGz_Ub3o6XPdN2UmQW6rdR4kxFUB3n3ocnn1bxX__pep5D5RrvLQmzT2GDpS6dGDo6p3C7HOSR7xEBCjgn6Jtq7NNJxFgrhR0sXryYcJ9K6pOjEEdrI5peCPCybNsMdtOST9-bJ4cCDmGxc6fjiR9_0Wvo2QUhLXP7G6d71EhHCANP24nuspBU7lMUsnBNjJJGWCVPUF7kDN3DXW37e34n5yS63AXdAHsL3CcD6o0NLalxXT2ni0uswV0vxSU6ZcBfP28Ekj9TqyDEaf2DGBsPXRsvIIyOWdfLxRvVIXA4HS2-l7cErNZ2MRmWAcliOV2xOndWuLq29lk5Y_UO3xrQ&cid=CAQSSwDq26N92ua9XRhq1n5tnMaRgCOaaLOYeME4U1QQbrWL98Fje6j4wScsAlyCs_hcz7yZwo1500691-ETxbVs2XhMZH95gwO6BSWw1RgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42ef87c4ced078f8e09993b13826e459b53259070dd303bbc2bf8a910c47306e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34867
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A386 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2EptWIZLG_YnlVcA1CNaV9SzysO--hdkPvfCgrANxbNdwwDbO41g6EBgNRTqsXGER8Gvemcuq9YRvBQIlTIxHzmDFOBwf-LE7tcizfPg9jux4ur4
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A386 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 13:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 13:06:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A386 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
81316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 12:33:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A386 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 11:08:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8FAE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch4A6KC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoE_wFP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoeND99ywaV_P84eyKfw6yRKFab596NaSMMaRoVzYnnrv02GACP4jgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=leUpurbIc-c&uach_m=[UACH]&cid=CAQSSwDq26N92ua9XRhq1n5tnMaRgCOaaLOYeME4U1QQbrWL98Fje6j4wScsAlyCs_hcz7yZwo1500691-ETxbVs2XhMZH95gwO6BSWw1RgBIBM
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 8FAE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EJPxG6wCyAGdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQKC-oY5LPz5VnFX2jIGQ3ABIAAA&wp=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
297812
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 350E 		145 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
13700217cde33c17e778e1905d2340655e93649b7949a5886f983410190ac1e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GXJquEBEE-4gg2IyAwYcevAiFrEFVmkGX7qHbz6N7yQfPSlssXuCh27xAJlu4mHZxUpE6_Xb-jrLSpLFivKGhN6RXZk7Nhu7_fC786t9PtCTA2iFUINCzwUDvXMbjEs40YfynOgpm0OuRPXi1Yhv4stXqBOLlrOf99nIXsvwEFRnBIFA9fXTZoG8fD4M27nK9qtI0uuuYbgEcm_4DHm-bS2Ox1ZL-_D-6s4rB_Cb3nZ7SfYcG8MWZHRsDGkersqBEBHeNQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
84213197
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8FAE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 13:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 13:06:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8FAE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
81316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 12:33:10 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8FAE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
71592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FAE 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 11:08:26 GMT
a450a680d12d18759dfdb06197d9f5f7
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame C004
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
0
388 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e6b2cb290c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:26 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 25 Dec 2022 11:08:26 GMT
Expires
Sun, 25 Dec 2022 11:08:26 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1671966506302084-423
v1
match.sharethrough.com/universal/ Frame 06C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.104.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-104-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
smw888.gif
us.ck-ie.com/ Frame 79B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 25 Dec 2022 11:08:26 GMT
Server
nginx
qckcMfmLpA5bPHNZqVzE
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 167A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/qckcMfmLpA5bPHNZqVzE?pi=smilewanted&tc=1
0
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/qckcMfmLpA5bPHNZqVzE?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e6bed8e90c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:26 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 25 Dec 2022 11:08:26 GMT Sun, 25 Dec 2022 11:08:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/qckcMfmLpA5bPHNZqVzE?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 55FC
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
0c757871-f8e7-4e70-89f5-9e56e91cbd1a
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 25 Dec 2022 11:08:26 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e67685490c4-FRA
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:26 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 516A 		1 KB
824 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77f11e6a0faf2bc2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:26 GMT
server
cloudflare
unip
trc-events.taboola.com/1245572/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=1954&scd=9&ssd=1&est=1671966504220&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1671966506175&vi=1671966504190&ri=68358b65bef97a8d9352eb9a9232dd26&ref=null&cv=20221222-8-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
getuid
sync.smartadserver.com/ Frame A4D3
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 25 Dec 2022 11:08:26 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Sun, 25 Dec 2022 11:08:26 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Tue, 24 Jan 2023 11:08:26 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=baf523b0c1e00ce13e758b21c3b87588_1769_1671966505403&tm=3390&eT=0&widgetWidth=864&widgetHeight=259&widgetX=536&widgetY=5391&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=778&oo=true&lo=2595&odbreq=7046&odbres=8213&cet=4g&to=1671966498001&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:26 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
a097b04b2c1a10e56f0bd20dc6ad9358
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=60772&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=M2QwM2MzZTkwNzQ4MzlkM2Y0MzZiMGFkYjJmZGVlNGQ=&adblck=false&abwl=false&px=537&py=12437&vpd=11237&cw=863&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=20109&sig=tLfmqD0S&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8f1d54a7edd9966ae55a1760bd19d472b318718070d2b61a060f2d6f598fd690

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671966506.479500,VS0,VE127
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21958-LGA, cache-vie6383-VIE
x-traceid
2b1566d6480e78a49a2831a0a03fea68
accept-ranges
bytes
content-length
3979
expires
Thu, 01 Jan 1970 00:00:00 GMT
8e27dbfe-4a2d-449c-aef8-4b12b8753d6e&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame BFB8
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/8e27dbfe-4a2d-449c-aef8-4b12b8753d6e&partner_id=1010
0
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/8e27dbfe-4a2d-449c-aef8-4b12b8753d6e&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e6d6f2a90c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Sun, 25 Dec 2022 11:08:27 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/8e27dbfe-4a2d-449c-aef8-4b12b8753d6e&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
googleads.g.doubleclick.net/xbbe/ Frame DD9E 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXk8qy81zdYXpu-L4-lRbZcaHK4Mk9Rs-xKxTaUYf515trAy64vhWgQ7xa3bcDaPGtw_wApUUT60xKPNdjR5aDKvvyduPaIaNdfm8VPrAWldwkEpTqPqFdJfwJy0Gmz-TfwyCD7ABOxbx8uDIL7oZLT06LJ8FYsm6SB6gzbO_MaxEc0GG0
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DBC2 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 11:08:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBC2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0mhShNKi31trA4YNwF-K8CYRZHdEj_vG-aODn1of2-KlkU8M5SvcDNk7sPR7UnYxZJ77tTTRkgPCWSsU8xii9ncnsfEZp-mmUIfVdDzxsNZCKh44
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBC2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8472963844570602841&x=1&ct=76
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DBC2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 13:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 13:06:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DBC2 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
81316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 12:33:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DBC2 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 11:08:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2D8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Co8oaKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT6AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmG2RVlt0k59OyFS8MaHl02AOatNn4Q26cfAYwQmP954KVlMWZ5drgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=Y14to5V2ZDU&uach_m=[UACH]&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2D8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k7KVELr5RKwCkAOdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQKC-oYxzPakvnU9DzDcvuABIAAA&wp=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
217563
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame DD4D 		164 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
74d314d3e4913173908c63034b70ee28512d55817ba026860ef559c1dd9d5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=R-aKnUBEE-4gg2Iyh8exjU9UvsP-XerQCQVfkldHEF-bQTAJYcHWGr-6D1HWiiZaX8ALUEukvAyCD7-ma-I3yil13BNHapqwUYhfEWDs3EHIJY33JTWa3HTodrESTJTsnwES9RnDSYXjKaCUOdY1IVQ5IjAF9fXqLd1Rllu1nRhhWIvFtW-m2Mszx08RJ3PRCywhgOrz7L321UFGbJAO02YFERWD12w9xlrJmpMKbZgamkw8Den_vPH1i4XDlmTTMq7mFQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
106409596
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2D8B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 13:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 13:06:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2D8B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
81316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 12:33:10 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2D8B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
71592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D8B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 11:08:26 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 937D 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXgX0Txso41FcH183V7FTB4wlmx7WMcShgv3PASIu0s0yozDwzl2t9ZKi-qv0q1tyjrfaimlPzffec2-DiA5nFJqIPjsCQO78bvaZnqRMvTMv9SSawcQfxq0OXwE1G2e-GVLKTko-2FKmgDVGICv-bPgofjVCDYQa8Yq0JawbXRl8h77Pw
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E7D8 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 11:08:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJiS12nvAmqNDX5z1mL25AEm7rvWA6CXW9kHVj5cFpRFj9Nq6he93pY9t3GBuRxUwRaRV6110Uuyk7OJjxyS6Tl18Ts-fZtVh0hMQX4VvVOz8Nvl4
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3505846035244926725&x=1&ct=76
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E7D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 13:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 13:06:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E7D8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
81316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 12:33:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E7D8 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 11:08:26 GMT
rum
dsum-sec.casalemedia.com/ Frame 0BC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfNW-6vlV2Qa-Q2mRCdJCw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfNW-6vlV2Qa-Q2mRCdJCw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnbfp2wEwAQ&v=APEucNXvTnSqUcLUUvTNOZAqusX622gnBblnQgzdd9YhbynYHYj5wPvKZr3lu0U13msm_n-d1yTvtJfmcbdMOkZamCbMksILwSAWD6Lm_pa01fZlhGM5eX4NrGawaqIpRXxEZtnFFTvASSOGrkqXRjZPkzzmyqU6gdpf0aaYZjjkXsxlSwHFJP4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfNW-6vlV2Qa-Q2mRCdJCw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0BC4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6gvKq9s.FAHyA6h3-qF0wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfNW-6vlV2Qa-Q2mRCdJCw&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfNW-6vlV2Qa-Q2mRCdJCw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnbfp2wEwAQ&v=APEucNXvTnSqUcLUUvTNOZAqusX622gnBblnQgzdd9YhbynYHYj5wPvKZr3lu0U13msm_n-d1yTvtJfmcbdMOkZamCbMksILwSAWD6Lm_pa01fZlhGM5eX4NrGawaqIpRXxEZtnFFTvASSOGrkqXRjZPkzzmyqU6gdpf0aaYZjjkXsxlSwHFJP4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfNW-6vlV2Qa-Q2mRCdJCw&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0BC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENprp0xg_k4VFuoiaEjdG_8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENprp0xg_k4VFuoiaEjdG_8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnbfp2wEwAQ&v=APEucNXvTnSqUcLUUvTNOZAqusX622gnBblnQgzdd9YhbynYHYj5wPvKZr3lu0U13msm_n-d1yTvtJfmcbdMOkZamCbMksILwSAWD6Lm_pa01fZlhGM5eX4NrGawaqIpRXxEZtnFFTvASSOGrkqXRjZPkzzmyqU6gdpf0aaYZjjkXsxlSwHFJP4
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:27 GMT
AN-X-Request-Uuid
27aa2a5a-b37b-463d-bc6d-a2ba62fc03ca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENprp0xg_k4VFuoiaEjdG_8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0BC4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA2NjM4MzU2ODU3NzQ2OTMzNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA2NjM4MzU2ODU3NzQ2OTMzNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnbfp2wEwAQ&v=APEucNXvTnSqUcLUUvTNOZAqusX622gnBblnQgzdd9YhbynYHYj5wPvKZr3lu0U13msm_n-d1yTvtJfmcbdMOkZamCbMksILwSAWD6Lm_pa01fZlhGM5eX4NrGawaqIpRXxEZtnFFTvASSOGrkqXRjZPkzzmyqU6gdpf0aaYZjjkXsxlSwHFJP4
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 25 Dec 2022 11:08:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
42350652-365a-48ce-974d-dd42a889dabb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA2NjM4MzU2ODU3NzQ2OTMzNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DA50 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiKkKp5MAE&v=APEucNVaJtJ7VpMd2FNETk9aCqyCUrCRcuJHEpOIOgFs0_wg4hlwZpsZdTHgfwmgCvc7XueYgoAiAB-phj2lJveWUp3mVGeH_Gn8pfJH7l3d83c31htRzqN2LplqJYbcGYbI4aT7YifQAUGvjr3Cfc_36BGJ_ioWFOlDUClM1odB17S2OwvaMOY
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E3A2 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 11:08:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3A2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DwDJ7ng3teo80yuPC7Erymgde037HrAUsgZ3YKmLn963U9DmL2MUb4Z8v5KLJdyAZ2_XweQ2Dt4baSsKkYpItSi4lQkAqctP32ixbHPE_9uMmu1ts
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3A2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11438024863911205384&x=1&ct=76
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E3A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 13:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 13:06:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E3A2 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
81316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 12:33:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E3A2 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 11:08:26 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 4AD9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 18EC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=67584
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 25 Dec 2022 11:08:26 GMT
expires
Mon, 26 Dec 2022 05:54:50 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
www.facebook.com/tr/ Frame 9D22 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:26 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A386 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Origin
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 01:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Dec 2022 01:05:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame A386 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxWr2bZrJ_KsnPD1HZ2Uaq_g4R2UC4W2BSyH_KSZyDFe6jfBCF2xRgyHyQwV_MO_ssqpC85NmXg0av6azjjYllxwFtLA&cry=1&dbm_d=AKAmf-D-aYOEr0yfiCSJNp6gkUfP1vwRnrCrbVceeUJ_g6jlxKmFLTwPzO9muicCUvOy1atWiaX6cn2oFPY1qoGE5paivKHBQksU_QXw82884CXINBtQwGXRLBmFH1WHydjdYDuYdMcfDU2qwq8iD5AOCQZSHLnjRLxT3zQqkk41SBHRD0OPYASoB01SJd9FK4_sSYFctgQjzqH7qPBX0R0kUVkuE2oF-YohPvgbCgspQUwo3KiJQNxrHVGZL15PAbm00zh2zSUYpFLYFhKOnSCJ5itC3DHPIod6Jn3Ce7bwrfUyctvHMlrl7rdFtWMJu9tEHW5lxPKYkMWSj60cb3WxTvH3lV9pSAk-pZrbd9Xf36m5wdQjpGI4NP6YdCFnWoMHIelvRwE6o_mMzkHRkkdn8gV7CnAZvSwmw_hgBrW34au8Y2eaZ32wSh7nwmM-TetaDh6PBXlxEZCLuL-CAKPgonyCOaiztv7Uvnw_IZT-I3Yg-R2hPMagfwJn2iojCwD2Vatf-d20qyzxzxYJTAqOINL8YxFiPuxOhQQs7Dxk3c-97b2dJBo8JsbUab48vsFTdMKJmqmo1uflT7jFKsyeFaGnvOZvVqYK04PzAJHO8d-RQrSgtqdwGQ8vrIxVSXS_BRFVVwNtIBuuQDVqI6XSWpPuOw5IQf367tblvETi7IG28l_tZx5nsCXJ5Mq8RzYQx6Jcs3_vFe8kF5O8WZTSfHx3eJ_XOWzCz3-5nK0cqumZ6YqiNYPYq33lk40fQRhzK8hvmfjvOmIdIwvdeLPLTvF5fYvtjdzHNUMtdfghdVaqLXxo68VNP83Fz_UrOWotbAwEyP-3_BF7AGGWZ7bBcKZZi3o6DZO46yS-0dmWswHubrE3i_VoXmsJuM6dNygWG_kd_DgT3esSjNReV9PYLNjJt7r96ONTWMBKZMRCT6-Log2lLge-MvfbLL_lGHy1KEhjx61HaspkD49Uasem458TFjb_WeyB79Zd1C-cGILR_yK3NzPnRY2r6Qowm-Kezq_OFVCpp1k1u3FJC9e0MPzeJquUQZ-zmvZ51hApFyr7j1lmrnQThqtDwvQ_NsVE9DmWQoy_ljbjz0Zyx2Jhqr0UzwV7BJLK62Qqx6bHBQmHLnI9LvGxZyfjDEaKyywp_KMuJNO9e-NXmRhToFyuIFQJTHPDwy2rkN7c42bW8ad7D2aW5Mh_k7O6xSGjcQEiiuLJHhJ6apBQFuaJ-S10Da7nKNyd7DrmMbn5OjjUbuZNv-OsyFMysBAPIHv2W6JYOcInzmhYkfZXhlCfaeQ_8dlnJxP4K0snJtGllFfAFGoCC3s-4WWfIF-vov-AjmYx6sRjZdx_VEsgGlbnX_l4XTUayoN5Q0un5vZZCcVLn8cflLLhl5vyjB6aET76-_IhQ5fBleJ5SkApiV-yzzfAxhLboQ3VLF_SwVeRGNuqO-daBnHNKFtVDshCAzllANe0zdzyo_sMlHQXFAuy3CS1SvL4RW16aaN8zsJImwgdskzDUg31Rto40KvEXt1ak39A44CgYIxvAHaJw9MccsNOzWhWTAyhN1n7QEIRZLXumVnXlRLM0Vg4LoHcPgPp8DwsyI_b30xQLr9s-W37G_CIC3u00wjH9uUuZu1RV63GSqYUC6fsfAJCFFibhf6b7YIUN1G6qnLMfhipXdYNPm3ljyD_r0KHNfLbhpep073C5mvvm21A-uQnbL6OpJvNvq_pR2kOIU9_rxS3eXdGZPPke3A6STBRKWIxhq4M8b6M4TCe47ORUZxkZQwQNnySB8pQ2DjRhdViBIbIIYUMXWl_x0LiZMSAldY6VSCwYA-F7FzqnPW2UjlyweM_c_NLSm1GKl0TehVlir0Jk6s5c09Z6ylprrVd0vyPIgd7sHAGV0-OssNa5hX9YLTZsugcsuziEshdUTMIPCvaMy4EmqDEzZlCtgwUwXD5dlYx1NXZwGvCrBSS46XOLloGUHsQQiroOZxD5XouI199SW11aY5gYc4H_dmxaMPvgkeb-6Ex9VqRcHRFc4YMFWPrGjVczfN3S9JEiG5Txlu3ykqw3NxkaOROvNP_l-SRiqKLDO7ZNQyDW1DTqvwNoTulWvNd3a2HV-fuD--zUhJa6te_qua2jqbxT-CESiVhC2vSaJpsjGtDjgkEWZHqCLCp0Wkem6-azEkvRTkdNkhr7QAVbV4SLMjgmoMKHZvt25yb22piyqMLkn2Hoy2z7IHDHktiUEDAbWUJ4RI2maeodFaa3ECb3Fdt9G2W5sb0lpg95kOsd9UR1q2cjb_nVLeteW-rb81FfDMahHWHzlPcHRwxEjCPHGaensRKFp-9_oJ5EUKpPxG8cNxneQQY2yt-En09O_N_pSO7qPboitWiU3G0r3zA2unUhWrC4X6lprWHxPaT8kX_BZCy-_b6nfS0s-IHO_KhEHfjq7wbsNthik9xgv14AlkchJleX5KuxMPDTzbIg-ih4fMKwdRF4H3RLk8W0EMl4suclV8kH8PakPthffPE4Im11xww3BTF74RFfyVxyZWZK3q4jr2ZDNIEyp1dBl5dXfEWMlFEXCS0r97tEzzi5-jw3zp8AXuSFPJDaulKQxf1cl-qzcJY8x8-VjUHXxhPYG4c6SiH0jTS9THd5aXMSaXL2SnVLz2_pbj3Rq1uuF81HWGYJ4WgFHU3_ytRnBRxoSWCWDa_HLmRlNutwDmzEwN16R8oIYHiKfVUmgHuKZcw3et-qPYcmroVTuuFZkKzcXV-So8kNDOWG5jmES38RRxUrtM79qFLhPLTdVozjG0FYjmjcmc5wOkuVbLgYyocVBQo1_TuwUTpMXgFdLOx0LIVploPvUcggtP4liGMd-Jl6P18PeTDs_3EiDn8gw-OG3wtjRlCjGz_Ub3o6XPdN2UmQW6rdR4kxFUB3n3ocnn1bxX__pep5D5RrvLQmzT2GDpS6dGDo6p3C7HOSR7xEBCjgn6Jtq7NNJxFgrhR0sXryYcJ9K6pOjEEdrI5peCPCybNsMdtOST9-bJ4cCDmGxc6fjiR9_0Wvo2QUhLXP7G6d71EhHCANP24nuspBU7lMUsnBNjJJGWCVPUF7kDN3DXW37e34n5yS63AXdAHsL3CcD6o0NLalxXT2ni0uswV0vxSU6ZcBfP28Ekj9TqyDEaf2DGBsPXRsvIIyOWdfLxRvVIXA4HS2-l7cErNZ2MRmWAcliOV2xOndWuLq29lk5Y_UO3xrQ&cid=CAQSSwDq26N92ua9XRhq1n5tnMaRgCOaaLOYeME4U1QQbrWL98Fje6j4wScsAlyCs_hcz7yZwo1500691-ETxbVs2XhMZH95gwO6BSWw1RgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 01:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
36161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Jan 2023 01:05:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A386 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxWr2bZrJ_KsnPD1HZ2Uaq_g4R2UC4W2BSyH_KSZyDFe6jfBCF2xRgyHyQwV_MO_ssqpC85NmXg0av6azjjYllxwFtLA&cry=1&dbm_d=AKAmf-D-aYOEr0yfiCSJNp6gkUfP1vwRnrCrbVceeUJ_g6jlxKmFLTwPzO9muicCUvOy1atWiaX6cn2oFPY1qoGE5paivKHBQksU_QXw82884CXINBtQwGXRLBmFH1WHydjdYDuYdMcfDU2qwq8iD5AOCQZSHLnjRLxT3zQqkk41SBHRD0OPYASoB01SJd9FK4_sSYFctgQjzqH7qPBX0R0kUVkuE2oF-YohPvgbCgspQUwo3KiJQNxrHVGZL15PAbm00zh2zSUYpFLYFhKOnSCJ5itC3DHPIod6Jn3Ce7bwrfUyctvHMlrl7rdFtWMJu9tEHW5lxPKYkMWSj60cb3WxTvH3lV9pSAk-pZrbd9Xf36m5wdQjpGI4NP6YdCFnWoMHIelvRwE6o_mMzkHRkkdn8gV7CnAZvSwmw_hgBrW34au8Y2eaZ32wSh7nwmM-TetaDh6PBXlxEZCLuL-CAKPgonyCOaiztv7Uvnw_IZT-I3Yg-R2hPMagfwJn2iojCwD2Vatf-d20qyzxzxYJTAqOINL8YxFiPuxOhQQs7Dxk3c-97b2dJBo8JsbUab48vsFTdMKJmqmo1uflT7jFKsyeFaGnvOZvVqYK04PzAJHO8d-RQrSgtqdwGQ8vrIxVSXS_BRFVVwNtIBuuQDVqI6XSWpPuOw5IQf367tblvETi7IG28l_tZx5nsCXJ5Mq8RzYQx6Jcs3_vFe8kF5O8WZTSfHx3eJ_XOWzCz3-5nK0cqumZ6YqiNYPYq33lk40fQRhzK8hvmfjvOmIdIwvdeLPLTvF5fYvtjdzHNUMtdfghdVaqLXxo68VNP83Fz_UrOWotbAwEyP-3_BF7AGGWZ7bBcKZZi3o6DZO46yS-0dmWswHubrE3i_VoXmsJuM6dNygWG_kd_DgT3esSjNReV9PYLNjJt7r96ONTWMBKZMRCT6-Log2lLge-MvfbLL_lGHy1KEhjx61HaspkD49Uasem458TFjb_WeyB79Zd1C-cGILR_yK3NzPnRY2r6Qowm-Kezq_OFVCpp1k1u3FJC9e0MPzeJquUQZ-zmvZ51hApFyr7j1lmrnQThqtDwvQ_NsVE9DmWQoy_ljbjz0Zyx2Jhqr0UzwV7BJLK62Qqx6bHBQmHLnI9LvGxZyfjDEaKyywp_KMuJNO9e-NXmRhToFyuIFQJTHPDwy2rkN7c42bW8ad7D2aW5Mh_k7O6xSGjcQEiiuLJHhJ6apBQFuaJ-S10Da7nKNyd7DrmMbn5OjjUbuZNv-OsyFMysBAPIHv2W6JYOcInzmhYkfZXhlCfaeQ_8dlnJxP4K0snJtGllFfAFGoCC3s-4WWfIF-vov-AjmYx6sRjZdx_VEsgGlbnX_l4XTUayoN5Q0un5vZZCcVLn8cflLLhl5vyjB6aET76-_IhQ5fBleJ5SkApiV-yzzfAxhLboQ3VLF_SwVeRGNuqO-daBnHNKFtVDshCAzllANe0zdzyo_sMlHQXFAuy3CS1SvL4RW16aaN8zsJImwgdskzDUg31Rto40KvEXt1ak39A44CgYIxvAHaJw9MccsNOzWhWTAyhN1n7QEIRZLXumVnXlRLM0Vg4LoHcPgPp8DwsyI_b30xQLr9s-W37G_CIC3u00wjH9uUuZu1RV63GSqYUC6fsfAJCFFibhf6b7YIUN1G6qnLMfhipXdYNPm3ljyD_r0KHNfLbhpep073C5mvvm21A-uQnbL6OpJvNvq_pR2kOIU9_rxS3eXdGZPPke3A6STBRKWIxhq4M8b6M4TCe47ORUZxkZQwQNnySB8pQ2DjRhdViBIbIIYUMXWl_x0LiZMSAldY6VSCwYA-F7FzqnPW2UjlyweM_c_NLSm1GKl0TehVlir0Jk6s5c09Z6ylprrVd0vyPIgd7sHAGV0-OssNa5hX9YLTZsugcsuziEshdUTMIPCvaMy4EmqDEzZlCtgwUwXD5dlYx1NXZwGvCrBSS46XOLloGUHsQQiroOZxD5XouI199SW11aY5gYc4H_dmxaMPvgkeb-6Ex9VqRcHRFc4YMFWPrGjVczfN3S9JEiG5Txlu3ykqw3NxkaOROvNP_l-SRiqKLDO7ZNQyDW1DTqvwNoTulWvNd3a2HV-fuD--zUhJa6te_qua2jqbxT-CESiVhC2vSaJpsjGtDjgkEWZHqCLCp0Wkem6-azEkvRTkdNkhr7QAVbV4SLMjgmoMKHZvt25yb22piyqMLkn2Hoy2z7IHDHktiUEDAbWUJ4RI2maeodFaa3ECb3Fdt9G2W5sb0lpg95kOsd9UR1q2cjb_nVLeteW-rb81FfDMahHWHzlPcHRwxEjCPHGaensRKFp-9_oJ5EUKpPxG8cNxneQQY2yt-En09O_N_pSO7qPboitWiU3G0r3zA2unUhWrC4X6lprWHxPaT8kX_BZCy-_b6nfS0s-IHO_KhEHfjq7wbsNthik9xgv14AlkchJleX5KuxMPDTzbIg-ih4fMKwdRF4H3RLk8W0EMl4suclV8kH8PakPthffPE4Im11xww3BTF74RFfyVxyZWZK3q4jr2ZDNIEyp1dBl5dXfEWMlFEXCS0r97tEzzi5-jw3zp8AXuSFPJDaulKQxf1cl-qzcJY8x8-VjUHXxhPYG4c6SiH0jTS9THd5aXMSaXL2SnVLz2_pbj3Rq1uuF81HWGYJ4WgFHU3_ytRnBRxoSWCWDa_HLmRlNutwDmzEwN16R8oIYHiKfVUmgHuKZcw3et-qPYcmroVTuuFZkKzcXV-So8kNDOWG5jmES38RRxUrtM79qFLhPLTdVozjG0FYjmjcmc5wOkuVbLgYyocVBQo1_TuwUTpMXgFdLOx0LIVploPvUcggtP4liGMd-Jl6P18PeTDs_3EiDn8gw-OG3wtjRlCjGz_Ub3o6XPdN2UmQW6rdR4kxFUB3n3ocnn1bxX__pep5D5RrvLQmzT2GDpS6dGDo6p3C7HOSR7xEBCjgn6Jtq7NNJxFgrhR0sXryYcJ9K6pOjEEdrI5peCPCybNsMdtOST9-bJ4cCDmGxc6fjiR9_0Wvo2QUhLXP7G6d71EhHCANP24nuspBU7lMUsnBNjJJGWCVPUF7kDN3DXW37e34n5yS63AXdAHsL3CcD6o0NLalxXT2ni0uswV0vxSU6ZcBfP28Ekj9TqyDEaf2DGBsPXRsvIIyOWdfLxRvVIXA4HS2-l7cErNZ2MRmWAcliOV2xOndWuLq29lk5Y_UO3xrQ&cid=CAQSSwDq26N92ua9XRhq1n5tnMaRgCOaaLOYeME4U1QQbrWL98Fje6j4wScsAlyCs_hcz7yZwo1500691-ETxbVs2XhMZH95gwO6BSWw1RgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 00:34:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
38064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Jan 2023 00:34:02 GMT
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/20109/module/ 		503 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/20109/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ae7d078e18a6ce17c1810177f9573f029353e5f7c19fcb0de5343a5229394358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:26 GMT
last-modified
Sun, 25 Dec 2022 08:31:29 GMT
server
AkamaiNetStorage
etag
"2be556c89dd9cd766f84d77439b2c183:1671959041.50359"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Sun, 01 Jan 2023 11:08:26 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=fc3afe6723c411565ba258969b5a011a_1769_1671966505831&tm=3705&eT=0&widgetWidth=282&widgetHeight=514&widgetX=209&widgetY=1619&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=287&oo=true&lo=2595&odbreq=6563&odbres=6994&mvreq=7434&mvres=8516&re=8523&cet=4g&cs=1&to=1671966498001&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:26 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
7135ef4d561a4cc749e52fdb068a4121
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
eyJpdSI6IjE1M2VjOWMyYzYwMTRiZDA2ODNhOWMyZWYzOTE1NDNjZjFhNmU1NTQ1MDc5MjY1MDdmZTRkYWVmZGYxNzA4MjQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE1M2VjOWMyYzYwMTRiZDA2ODNhOWMyZWYzOTE1NDNjZjFhNmU1NTQ1MDc5MjY1MDdmZTRkYWVmZGYxNzA4MjQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
696377de1577b91372ef55c127e09015fedd8285d281da110f450744f5e91a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
last-modified
Mon, 12 Dec 2022 21:46:15 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2383137
access-control-allow-credentials
false
x-traceid
714fed18cd3251668fbb48df7e87aba7
timing-allow-origin
*, *
content-length
36332
eyJpdSI6IjYzY2EyYjAwNTRjNTU3YWNiYzM4ZDFmODNiMGZmMzAxN2ZiMmZiNWY3NDZjMWNhMGFmODgxMjZhNGVkZTk3YzQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjaCI6LTIwMDUxNTMyNzEsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjYzY2EyYjAwNTRjNTU3YWNiYzM4ZDFmODNiMGZmMzAxN2ZiMmZiNWY3NDZjMWNhMGFmODgxMjZhNGVkZTk3YzQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjaCI6LTIwMDUxNTMyNzEsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
58c7c294273a121ef087b6da50f447f1de478a68a384803a0cb34c904b847712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
last-modified
Thu, 01 Dec 2022 18:07:47 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1089260
access-control-allow-credentials
false
x-traceid
73d8f5520ae2bc66573d985e9d1257b0
timing-allow-origin
*, *
content-length
25042
sd
us-u.openx.net/w/1.0/ Frame DD9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC6wmcHtjPuDcNyt1aSyk3U&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC6wmcHtjPuDcNyt1aSyk3U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXk8qy81zdYXpu-L4-lRbZcaHK4Mk9Rs-xKxTaUYf515trAy64vhWgQ7xa3bcDaPGtw_wApUUT60xKPNdjR5aDKvvyduPaIaNdfm8VPrAWldwkEpTqPqFdJfwJy0Gmz-TfwyCD7ABOxbx8uDIL7oZLT06LJ8FYsm6SB6gzbO_MaxEc0GG0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC6wmcHtjPuDcNyt1aSyk3U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame DD9E 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXk8qy81zdYXpu-L4-lRbZcaHK4Mk9Rs-xKxTaUYf515trAy64vhWgQ7xa3bcDaPGtw_wApUUT60xKPNdjR5aDKvvyduPaIaNdfm8VPrAWldwkEpTqPqFdJfwJy0Gmz-TfwyCD7ABOxbx8uDIL7oZLT06LJ8FYsm6SB6gzbO_MaxEc0GG0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame DD9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGFli7gKBW10brtl8gL_vQU&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGFli7gKBW10brtl8gL_vQU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXk8qy81zdYXpu-L4-lRbZcaHK4Mk9Rs-xKxTaUYf515trAy64vhWgQ7xa3bcDaPGtw_wApUUT60xKPNdjR5aDKvvyduPaIaNdfm8VPrAWldwkEpTqPqFdJfwJy0Gmz-TfwyCD7ABOxbx8uDIL7oZLT06LJ8FYsm6SB6gzbO_MaxEc0GG0
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Sun, 25 Dec 2022 11:08:27 GMT
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEGFli7gKBW10brtl8gL_vQU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DD9E 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXk8qy81zdYXpu-L4-lRbZcaHK4Mk9Rs-xKxTaUYf515trAy64vhWgQ7xa3bcDaPGtw_wApUUT60xKPNdjR5aDKvvyduPaIaNdfm8VPrAWldwkEpTqPqFdJfwJy0Gmz-TfwyCD7ABOxbx8uDIL7oZLT06LJ8FYsm6SB6gzbO_MaxEc0GG0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Sun, 25 Dec 2022 11:08:27 GMT
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 937D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFDO1yBIC7OBK_2ATbyZc_U&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFDO1yBIC7OBK_2ATbyZc_U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXgX0Txso41FcH183V7FTB4wlmx7WMcShgv3PASIu0s0yozDwzl2t9ZKi-qv0q1tyjrfaimlPzffec2-DiA5nFJqIPjsCQO78bvaZnqRMvTMv9SSawcQfxq0OXwE1G2e-GVLKTko-2FKmgDVGICv-bPgofjVCDYQa8Yq0JawbXRl8h77Pw
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 11:08:27 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
58
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFDO1yBIC7OBK_2ATbyZc_U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 937D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzRmOGFjOWEtODQ0NC0xMWVkLWE3MDgtMWQwYTBkOTAwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzRmOGFjOWEtODQ0NC0xMWVkLWE3MDgtMWQwYTBkOTAwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXgX0Txso41FcH183V7FTB4wlmx7WMcShgv3PASIu0s0yozDwzl2t9ZKi-qv0q1tyjrfaimlPzffec2-DiA5nFJqIPjsCQO78bvaZnqRMvTMv9SSawcQfxq0OXwE1G2e-GVLKTko-2FKmgDVGICv-bPgofjVCDYQa8Yq0JawbXRl8h77Pw
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 25 Dec 2022 11:08:27 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzRmOGFjOWEtODQ0NC0xMWVkLWE3MDgtMWQwYTBkOTAwNTA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
55
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 937D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zS21XVjJkRTJ1R3dNSWpvWVRGamZ5bkJKYnYyZTR0Y35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zS21XVjJkRTJ1R3dNSWpvWVRGamZ5bkJKYnYyZTR0Y35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXgX0Txso41FcH183V7FTB4wlmx7WMcShgv3PASIu0s0yozDwzl2t9ZKi-qv0q1tyjrfaimlPzffec2-DiA5nFJqIPjsCQO78bvaZnqRMvTMv9SSawcQfxq0OXwE1G2e-GVLKTko-2FKmgDVGICv-bPgofjVCDYQa8Yq0JawbXRl8h77Pw
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zS21XVjJkRTJ1R3dNSWpvWVRGamZ5bkJKYnYyZTR0Y35B
date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ Frame DA50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFDO1yBIC7OBK_2ATbyZc_U&google_cver=1
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFDO1yBIC7OBK_2ATbyZc_U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiKkKp5MAE&v=APEucNVaJtJ7VpMd2FNETk9aCqyCUrCRcuJHEpOIOgFs0_wg4hlwZpsZdTHgfwmgCvc7XueYgoAiAB-phj2lJveWUp3mVGeH_Gn8pfJH7l3d83c31htRzqN2LplqJYbcGYbI4aT7YifQAUGvjr3Cfc_36BGJ_ioWFOlDUClM1odB17S2OwvaMOY
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 11:08:27 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
7
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFDO1yBIC7OBK_2ATbyZc_U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA50
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzRmOGFjOWEtODQ0NC0xMWVkLWE3MDgtMWQwYTBkOTAwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzRmOGFjOWEtODQ0NC0xMWVkLWE3MDgtMWQwYTBkOTAwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiKkKp5MAE&v=APEucNVaJtJ7VpMd2FNETk9aCqyCUrCRcuJHEpOIOgFs0_wg4hlwZpsZdTHgfwmgCvc7XueYgoAiAB-phj2lJveWUp3mVGeH_Gn8pfJH7l3d83c31htRzqN2LplqJYbcGYbI4aT7YifQAUGvjr3Cfc_36BGJ_ioWFOlDUClM1odB17S2OwvaMOY
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 25 Dec 2022 11:08:27 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzRmOGFjOWEtODQ0NC0xMWVkLWE3MDgtMWQwYTBkOTAwNTA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
44
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame DA50
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zS21XVjJkRTJ1R3dNSWpvWVRGamZ5bkJKYnYyZTR0Y35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zS21XVjJkRTJ1R3dNSWpvWVRGamZ5bkJKYnYyZTR0Y35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiKkKp5MAE&v=APEucNVaJtJ7VpMd2FNETk9aCqyCUrCRcuJHEpOIOgFs0_wg4hlwZpsZdTHgfwmgCvc7XueYgoAiAB-phj2lJveWUp3mVGeH_Gn8pfJH7l3d83c31htRzqN2LplqJYbcGYbI4aT7YifQAUGvjr3Cfc_36BGJ_ioWFOlDUClM1odB17S2OwvaMOY
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zS21XVjJkRTJ1R3dNSWpvWVRGamZ5bkJKYnYyZTR0Y35B
date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
PugMaster
image6.pubmatic.com/AdServer/ Frame 18EC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6067959&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b45d9958bc405ba9e80fe868a646ec8c42491b9d3c486848375f5ba4606c899b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
1
sync-eu.connectad.io/syncer/ Frame E520 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
77f11e6ed9872bc2-FRA
date
Sun, 25 Dec 2022 11:08:27 GMT
server
cloudflare
privacy_small.svg
static.criteo.net/flash/icon/ Frame 350E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:27 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 350E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 350E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 20 Dec 2023 11:08:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 350E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 20 Dec 2023 11:08:27 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 350E 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=1JehKEnf-Fm6K5oFeZjjET23yU_LC_KTmMWCpUYPmZuxsrxaJlup01WHqB2w2hyDX4ExIq_e4empoAqtLwrj8s4VSqSuVaWWwcq9OZR2YQX1SOEMIdAAy-X7JZ-Wwy645ArjO4E39uYOZQO5E3Xeu18mOz-safPGT_5ysPkm8vaXueLoYzFahefC23LZ-Km34BxjmzjDDKkGOwEXp02dJ12VvbzsZ3PExdVx6PGeLcW1bmAaPKUD-r9dmknTi5x87Nw0Ls9o6GpTRIS7A_Z9Hyv-nVt8d6WqxcTeXLLH6JVvRcz8TWWItVzQl1v2edTwl_ZLcwrehtgl_mNOAsAz5NW4b-fLOf5_ysLJDF32a5Ae89Pbxi_2VWBVBocyMSP_XTU4v3FTygsaDLYK7twHIFtUMHigmL4ToNJ9__WQ1Ytiruz-
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3551256
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DD4D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:27 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DD4D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DD4D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 20 Dec 2023 11:08:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DD4D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 20 Dec 2023 11:08:27 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame DD4D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=xuMmWWWdd-aiho5unzzSitl4fPF716xuQkpRq3iuMuRlAblbQpeySFjC8GNbQ-0FEX9wpGZSYpASCDCH7OqgEsSO6tlDbkgNVsetUmoczqIgzbbaYn6KT44QzojrIudSuK-SUKiKIvEMr1RMufUcMIAZ0sval0uJE76SiejeLTjdupRW9eLs4bvrqkYd_7Ws4fJblZXGqtog9F5MRxysydcb9tuy6_PvQs4sUq04RR3ybxzbyccmck0m3QsuhuD-NYXWMQwQ4FhHpxPIFYHbRwK6pUonaaqEgGrKFalqYlCRbYWwV8NinVHwniCR33FhHJLtpdWFBDgNIXg8owexLYzGCTN2vj8o3mSbpy4X-2uTUZAFpY5nA6EvZhei4c79y_v3kgrzKKuJu2Ayv08laGz__JV1yi-Zgfn8dN4v3V8kvG_Y
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3895811
expires
Mon, 26 Jul 1997 05:00:00 GMT
ai.aspx
m.exactag.com/ Frame DD4D 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=63a82f29d69d00aff760307f3ad63fbc
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Sun, 25 Dec 2022 11:08:27 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
So, 25 Dez 2022 11:08:27 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.eu.criteo.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1051
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F93C 		21 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.549.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2Fbfaa0091-81e1-47e2-b9cb-d1d00d7cb39b&sid=BEE0D62B-06B5-4E47-B54A-196D7280E22B&nel=0&eid=44748969%2C44752711%2C44765701%2C44777647&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Flive.wcdn.co.il%252Fnews%252Fprog_index.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F&dlt=1671966503060&idt=3103&dt=1671966507474&cookie=ID%3Dc55b18a6470aca17%3AT%3D1671966504%3AS%3DALNI_MbJcPQXJFJ2lj-epSN3WrihwC66xg&gpic=UID%3D00000b98205eca10%3AT%3D1671966504%3ART%3D1671966504%3AS%3DALNI_MaoAulSlA_ruPAwAS8X4gTHKUmI6w&correlator=3567591593000681&scor=2830918545718889&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78dda9ce7ff230c0e921c8910537faf20cabd61ee5e7f549b525f55107922bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4170
x-xss-protection
0
google-lineitem-id
6185148898
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138417354498
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Dec 2022 11:08:27 GMT
truncated
/ Frame 8FAE 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d81e152a4a3de5ae60a40182016085dcc80a47c159f88d964b560ef356fc6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2D8B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
863894ee6d0e5445fe71542a9edaaacb908bf1da6fa4b68e0081a8545610f26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7138667114041&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7138667114041&version=m202209210101&ct=76&x=1&cor=3505846035244927000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E7D8 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKQe9mk893aFgCfNqQ6Tquj7FzgA7R8t4rDjGsSq4JiOrsQAe6uoXpoSEi5KOXakPHLseL4HrAXcO52Ux5oMkoX47VSunvFTmcgqMy4BddpmG4a5EJ7VGUbbKB42qZMlNXHOaMOHN7b1AI4b3PIckwqaQQLK66Gd-_gIrZokPxTTSMNiE&dbm_d=AKAmf-Cr3mVYUoy7-ZSQYqCXH0lpFiB_eCFdlQec_LbfUx2_uug_gXgfF19UIvC2NNMAOZ7UrjlV7TUAXLSDiOwkhMJtIpWmMLpu4eACRmcTdsAzthupDc2I7Jv6oNE69G8SniL-DV4ROJTgzKBxxW1Zj2k4KWEB3-poQfPs2XkNOILXnqUN8VTgvEBFJqZVRE0Ifjv95ZB5_TV6r3n7BH2URXuNZe1T6EbMmqkKz-EKPsPxKEowT-Pjen66bdxmr2kBiWgJe5cMhWC4hHbZKxFyNKfme5wJjgk5rEyri0t0qmNUAl2i3wxHfLkMg8bVc-Oy2VvYALcjzMSvsrkN-lSzTbTHJ1v-6V9IeTUsRnG6tgppw2eXLL5wAjEskJfRI35nqr0-nSEj647kunwUKSYeZEz9BqwPKeq7daYJyt-T-MLWtRaMxuoxfX2r4mK0n7_8uNrqLGOAoa3tpSrWKZMmAyc_hSHBy0Ny16q_hXpAfOmPLHJweYFmZMehnjdKHUD2GQT6JrB39CJ2nHKIfXJuotGpw1WQK8dd6_DjxgehUuhF_Nbn0GFyi8se16VexuFriN8AUqfdEnAQoZhbY1C8qrPjYVfrjPor6Jy9anmVKP65JTpKKx6zZfZfwEafyRWe-MU8Y7TE0eB_VvltHJG6ZFzFiFa-Th0K6d7XeLpgFMNmVgVobYyzFQPMnWEtK46niISnqVvZvhYaBPu7WPGXctgHqMgHu87FWUyUacjWU2e4MSnWZavpV84mXQLy2lwfqMEGHASi02GlL3MFg1KBJH0Tr5hM9b1ZjKvzc4PgJlW-OOh37QaatfAJAYwmM8Balg2d4XNF6W8RHNsX5mrqvBS_pN6xwOuBmxpuZlhXqAjqp0PL25tgT8sLGEhgJ-lCxTxUeqsroNfXalZFGmxwnTSAS7AkYeylPx7A3jI0f6fgb1ZewQBzNuYUqiblj076sj1hnB9p7drM60aBWGYEkPP9awOlXBG7ZUd_u6SFQrg-IUt-XSx2IifyLK-RyZ-oqKu82u4aSjDozIOFwEgj4Ii2vxAeUmWX0z9KV9br6hgLRC9lYsLBnyVhHmWnfp6lxdcT8YVIfiYL73QVO3PSbavRrX4NGPjBQ_I9VNigtluZg-yf4h2ND0RBVvwaH1i9xt2pvRSIhdLoNqMUhjr5PR_A1fyqT0xXDVF-x1SuzriJINZdzayyAjHlhpT9P7BsOmncQjHFuZHr5s0lTAs7mtOhe5kBt5E9NZhN5aQV0NrPS5InBFsjyxOCAtmFl-ymxKMsSN2PmKgfwegb8zSFyAFjsIMiEuWDrDYIqzD39ZOQReCreBtxgJ0lGFCGVJUaqaHHktPSAPLWdE729aN1SERGWSKsob1gQtBFiMu3OQci5pYeOH_t4ddjbPpnIerDPwc8NtkVf2oBFLA6s-GiNCqocjpm8xG0F2Ej9N7uZj_t_ICYdocabAJxzdW3BuLOT8iQjc_-Fko0c96BWb_18pDOPQ55vx7C6YOJlu0jSLYQVbBzSPAKP5HhyE0L2SZSMGwCqC2XrZEpoDESMwmlle5HoLZsiboT9IeyWwtwhUHSPlolMS9iHruZkvPqdV1vjF1iKjbBEX6C9QqzGUin4ic5BNIrF-vmHhTjrTNKIcsCpe-Gbdbl5Q1uoFxT1oUGrVQWuJgcv9c0L3e0uX13mUXzn2-9i6FzcxUqGX9-wl9YALA-sV9ZHfq0KkCbdpIp9nFyJDZmO8GiIYASS30_QMwP_rm9vLrJH7p0K2YwjVpZ7dts4bhBPpqwGr7OqQH2-HvqexeRhstDw--DWdlK-oWC8KZHgxux8K3q-L0on6lF-Qv6SRqt0YnrV2715nmnhxD2glVUzdYscbu6QLCEX79vuSxmjP13016suctivrd80b6ojz4Ve8fHCrS5XBJHzlrcXI2NXErelc6Lhf8hAtXP1hDYapYTIS4dkVPm3-3F2xxFK5yj3hwgvsn-Vn92l97DxaRCaA5lHcElbmX4vKcawUGkwGxG6tux70XDA3H3HwupipG5eflIjEErc7G_VDihLE9tTRSl5uXbpMnRATqRln4ELpdYJlA-Xvq8UK8EPrRyg_a9cIIcyrXjaGuPTYJX_6Ic9U7XRGIooE04uxlMu2FrOzGMAiV2Pp5QcCGDLz_m8bU1qHXHmfwvbxCQLWvyC_PZsvoAKkA4j3E6B3pyNEWMU4JQzlQT7YxyRo74A9T-dtNa4cL0kLxbnUsFrUVsuYkV0_hijaUz8OvswV3lGWcSvSolNMi0nPRiT-dTiDuY7qrl4mLr4TxtEWPzwikG7CgmVIahtKnsRq32cUkH4BfxDEIBjuoXWEz8fJPucBp80kn0FxT0qEaHy4IwpRETK8XXVCY6ShAKQ7sqSFS1NuTmn0pgZeflAeFLrHtdCbPuYm8YBux3U287nZUV8HqNcHcrpl0v3k-CQSs3CYvfpfjB5X9lgZwtR0hVBQ4npsQg8VYbLsPfgzS1YULBgVax8Ze2RjqYf5kE07wmqBp7WMgVhWalSTD9naUuJOytUElIAj3fO4qA1oK-Jj3dAan1s0zqw7kpLH18koY5sJcrjeoQxMzANKkVWIc9fRM92gMP0D49EfafO66DZXNIfuNahJGQx5iJWYybvNVIM-qICGYvlgmgIG468-G3nIEPko8Ojf5EMMweaPDxEfWTIZ4plRXCO-l-mJSIKuhjAR3iTmzTSqNNfGNWCwmYt_UUJXAd7u0MDoSP2uF2PGutYJOjvhIKuTj6uLKa-yDbBp4bd16AOesA1XFK4diSJZjDSUBUb48cklFnR63aHOmg7mtsMoAEuivc-MmpoVZ6bIqH_U3X8--OcDMbjtA2fG8j3pNuyMxXwYs5Bf9WZRc4N4o8YHJq9JNiJz-XJKitx2XiSAGqMy0__61XLGi-TEOGvgBvRQynTzxfaLqlOfK8y_ytUCxrcNK2enO2G1W2bwy2Ckb8tyIhhl5vpWn3uAHmhT9Gkargpfb6uFyNbySIa7JkTfVKNMduoy2JnMKdPHmXzQq1KtH015AvhZ6jfZ9TKMoICP74zitkmU7OB41GQMBrEva2riD-mfX4t3aSYZFMNBcQ68g6YdecwhKyXoXVzd-a2Y5a9SN61FK6LxzpPBH5UDNq5kgUaY94ASD_IkhTsmBDUPW6aeKM7zHEpUjmMaNC1hgmTVFVaazFVT9euboNrXSc7FaO9q0WTLXRlhttmAokX_CZMQuKABjv6rOmkESbKXnAcRAtFZ6_ukXtWm2IwdgUMWrzx0xF0dbWfZx-v5QJyKnTjaj13n_ZQwYy8xW36_l4E07B44Zp2FqhZQXvfgL8I4xP2LWh8dfbP1TBNIuC4wfwTgxD8rAvPnXDbF80H0iAzuEobGVg4TrYrO5ekXAyX4i_3frX43uPLlGhQNAKrCvq8HTph2be78JUv4WZ1EOVHeVO6g1XzIYrVzUzJ6uo&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=3505846035244927000&adk=943508955&idt=608&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caa1bfe16463f7b5d156c6c3117d6e78ed94b757b550bc13f985ce96f5fe9a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37192
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=70fa6a09db3ff426875a464e1bc38e90_1769_1671966506543&tm=4933&eT=0&widgetWidth=863&widgetHeight=41&widgetX=537&widgetY=12446&wRV=20109&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1531&oo=true&lo=2595&odbreq=8226&odbres=9757&cet=4g&to=1671966498001&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:27 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
036c927c54e47590169793462fdb7472
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=4&rand=96229&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=M2QwM2MzZTkwNzQ4MzlkM2Y0MzZiMGFkYjJmZGVlNGQ=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&em=1&settings=true&recs=true&version=20109&sig=tLfmqD0S&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73c6945bcd7e307b148549101508f19611eadca01d317a0b5e26274dc3d2121f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671966508.794432,VS0,VE381
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13626-LGA, cache-vie6383-VIE
x-traceid
397f665c52d2305244b17b52146658f9
accept-ranges
bytes
content-length
15904
expires
Thu, 01 Jan 1970 00:00:00 GMT
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"65df986ae65cffdf92a926e7c42a25a8:1662969047.139727"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
12268
expires
Tue, 24 Jan 2023 11:08:27 GMT
get
mv.outbrain.com/Multivac/api/ 		110 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=20109&apv=true&sig=tLfmqD0S&format=html&rand=87803&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=M2QwM2MzZTkwNzQ4MzlkM2Y0MzZiMGFkYjJmZGVlNGQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=5&lastCardIdx=0&fAB=11741-81572&layeredTestInfo=11741-81572-&dpr=1&cw=863&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/20109/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb19bae6e1e1ee4c65ebe7b77134662f6d39d53d8335225347049c7afda4b3b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 25 Dec 2022 11:08:29 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671966508.794520,VS0,VE1393
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21981-LGA, cache-vie6383-VIE
x-traceid
bcab70f630652273c394ff541f6655d4
accept-ranges
bytes
content-length
25213
expires
Thu, 01 Jan 1970 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3A2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2001549715460&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3A2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2001549715460&version=m202209210101&ct=76&x=1&cor=11438024863911205000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E3A2 		82 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPCj7c8RYE3ZlSeGJQ2Ze5oVfvXCruYbNzG5eDAOOn2uqypGksii_Mk_bLqpJbj51RFbKCg9zyUuquWJzwOLRiF6QdytSEjMcY2cfBqTst4Lp19ZKR8rpvilvuQPDq3Dlsr4wS3k0UKH3lFBlh_UudJtVt0888XahVvYFcSz1CucqGgaw&dbm_d=AKAmf-AqRBOrvXYBYysHQSOF5dK4u3btDN6aUZeFnz3_MXcs0cWAaMTON5tBkfgyN6Bh-06SUNzGpeNyQnqi0fdNrgGdshmk1wVcaDzdtusaNlgrwmCvYLXhFwBODv2Flz7WPOVqr3g9Js8BO47cxJMQxgYXkJwH6LUwO5RG_HXFqlJqudNxr4lzHXkRdMLJ3Vl1HthwCNWVymhd-Lx_G99IOonKEjdcgmEWKSrucq7bPayznT6L1ePdEW05-0pnBAZvJN8Wamb99K6O6J9zFrm2D3v_6cWJ7eIRgWnV1GtEI-BwqTn7xpNDyww-J818B-5b2mIQ83EnGW1v61tfjlq1A-9upunlOOLSKqg4TBq2ueoAL1hNrM4gWcvORvfM4ug99Z8-RUfaL5Xbp8JPFyFZ2Wk3UjtYFv8n40KTCVdpBD7s9Zxx2pQp6EAaSGe0yLmExJjFHNlZqSOlV5sphZgcZGrUd7uC9qRA6CDbW6F-8CqANaxiOXTDCMnvzo_8GGZn1ssNSSJXStjs9Ffr8snQXCEhKiD1-LePePwct5Mj-FAJHWhgqbmPW9UmLukbE7Dg32lMpU3tzXpFXgdGXNmsQWj1x5tshF8LticAZMjHNYf2hrbG0BKKVDrRgD6OVCF7HghJNZrMIOcoYRhOfTs5cCSVEzJK_U6beVSpXZV-GtwHnkNGTRyHAPjhiCZnCF_l--EUVUgWAZQJmTT6VnOb53i-13ICSm9zjHwYUgbbOgCWZPDRLoQ9c8HI8wWejYeGDH1DjxtxukbtW6e41BTv6YcTIV7V4FzGWEqjP9Lqc1MLpg0ZTCqg6fGTsCWrvLe3nIi-kmRmf2jp8AbTrYesBDKK2z3uR5XCSBVsHcSdsKrnv_VgtveCQh3doNoTXvr4gbXUDuJoOZYPJWNaqG_bQKclC0oS6i9dVoOe6kyFMDbFUn0tzqsZ8qN5oSKw5BJj-_HipOMy7trKFrMOvx24V06iFQwPh1Hac_Rsk3VJo_OW35MKuDwNdqBTZjjpm6nWkfdmo6XV3AAjAMqlFqAV-0-Kls8fg0FuJduWYzUFb_ybXk8nN6EfOGE0vIhJ3s5aK16N-mRikUU6L-oWyYZvIseCmbs3Mad_gze3tH9XHVcjloetNknAJJGpxBvoX90NRzc8qzkImmLYyIhwO7yIgwvwRlOjENuflZTf1gbUPCg3Tzq8IyJbb_XicFBVD_Ym9kVPSkn8wdEAd3xVmIpHSNRbjWYgf90AmzRkFARK-F9SWypIp3EQPzuA2Jzpk6Ryzc_11bVHYx_xJ0AmPg1yZQRQakcuoQYOYht0PUGvG16nccbD4tNhcsUyOhtgNZoCyqI6vsKTiYGs37r0adN_NmCHDuWmUG64T_XdegwD1dsR_1Zuvz--syXBJYe1nQKMQrXewxwqMxM-PhZTyTL4L_rczh1ZImIfhGlMhn8-rmFTkZR5pwL9olpIJipGCWir42ryzveie7ozi-L9JPzgJWpliv0wPBOEn9XTIo71GVhzZtFE-haZ4u7SWy8h3_46Cte2z4IwqMQkT68y4yOUh1McsSzebDMZZZ45PHoNxQT3Fz3kr-KRQacWHbyMH_zLCR8ZF3HC0p9WtYxy7UrhuotsdR4EOdGulJejwYsbmjbtjRZnzHdPwuOuE1MUFb2QOgeExoWDE-hbNFVUOUJs-DgyqIotV1oxqCTpLZcFmDL7KiMUG0AzF68TeVvFj201DshOs7_6hv-O7yJOkDon3Czp68JOeEDk179Bb_8E-HPIw4UVdwEGD3H3tkkIR-T1iTlQsFzkWslgj_LEgqVDy4weVvzzX1JbpF35qWKpS_BZu4Kt0cGYTeUYgVzLrNz_2hOBI9Q-S2vEfHo2skGueuOq0_nrSs5ig0OHo712KG1sBhBq6EOXUtlYX9FLHuy-BJ0vnX-rfVe43_WikTQ4mhK-QzayHeooP09tdgIdOifpX3Ax8svzswE5xMDEa_rk3QouT3c5gBLbY68H14cfkxAo1q5nCtP6B65ruCPfoT5tmq4ePu5X2jIGWnadHvQS8gy2YT-0ziUM4ruZ9Y7fjOp4PUv5viw4Dbn1fI-mMUQyqa5uQIdsMjVcINt8WY1fw0sGPqxBVFKqnTIjsGdE5Wiuk6rDHhedMQgwl0OKsAmUzKj8xhCk5q4AyPezoleypmOFbgJQoiNKScOyvYNNz9Plg6HZBlR7nlMB37i2TKqnom6jPV3taOskxoFbvFV42dN5jbN0ga3rIfLQvpWO7cJm3tDTRaJmDjEHn9_ADHH9acFQMod6U8Rl0TvhamqfcXfaFU9Q6Xd4URpKzcHP0VcwctmuDZx1wPk7xlI275uqgjmnLZHPk3binK2nbVG-GqXr2lT-hFc9NeV4OD2gOPe60THzTyBj4twNlu5AfEc6Ay2s-25UY3bOn-g-t_Ukff1Rhqf98F1n7HYjpB0TOb81dsUZLUzkrq2ntYwUEC_ZQxM7-xBaXqIICDEAWPjCUklyUmGNe0YvqSk3Ve9TTZ4WAM6xj4kuNRGRAr-xxMWm8nxmf_SUHClTqfNqCdTiV1iH7YGAdTmjZi3jKagCWpwR4iXFaoUE9TU4_NY0Zk9RA6OtxdCG2HiXQSe0dKUSH6KN_UEUnInMKr7vTNTpnras80si-lxBYFa7j-vLAwNsS_pVDg1ChTSg8Docq66mGK38WhIS61PDjMwVof_KnHvObCF3q1cehIeWPf1D4x4rrgtA-4hycIiql3QLPep-f8KXF09aIHT81OTmcIGRZ3gUN-FHY2UiBzRhQ--vMfzpTuhQ0nHmHbjypEGLQsJ1vYgV0Fn1ioqLz9Qy77whKd8yFO5Ns1424_4p7WSel5mb1DNr1Uht2eP-bx9c6XKNDp3inww0xDG-4hSyFRhFhfXid2FDNb3i8e8RYHY2j38AB66oDEl5s8QB5kKAulZozXW44X0-WUCgH8hK3vyPySwf1zuIsd6f-J5SUU_P-fidqSPr3CJs_t2XBSmIbmkSG7zGFVXEKm1PJobgKdb2n5dTmhem-isZM4FB30S_7LZQ8f9WOZUXtzAQ8G8UZ5DGblJpapsUfDP771BlUAE60F2o_qMdFwDRkz0yvqpEscR-4nRkJyXSdR6v98oFTKphyyExcCrdIOaVPniZ4d5NLSsaC47N08jNqgQy-UuV5wGISDFfFL5GNWwD2lv6QhMX4SvBLlIXwGOKO1CkAi2LI8zqTJ2PkoX28OQOmwC6i71cOJcDppMaK-zyP-HH1vwKe7ElUA-C6C5mMQlOLZY97Lgr-3ZsjBmAaxjMZtQajEZhHVnpBe8&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11438024863911205000&adk=3690638929&idt=591&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7784f43246a346a13467b1d171ee62b960d6abe399894f4259e155ee0879c503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBC2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8416858418417&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBC2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8416858418417&version=m202209210101&ct=76&x=1&cor=8472963844570602000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DBC2 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dd4bnkLRzBcXfjBFab0rcIJydlnB2ThMIU5r9CsYuyA3xY7FCz5ubcVBWiNgSka18yZr0sZR1q4hwwwg0N30nBQ8hQAvkEhWUSfwzzrx20NVaM63Xpr46HtZn741JZ6BfmT8rG3BM9bdrh7FDTd47sBmDCV67HwExVFrd0NWR1kiQVP98&dbm_d=AKAmf-DSQTb-I0DU0X2UuCOCzaZoEa93LtcvUKLsCEDVSwbHQiNoJiLDF7R_72i3cXC-gwc-2XEZaGxpAOF799TjVVLvQEc8PXGUHGguFj4LaLnWC6qAqgmhO2ua_EMoUs53EWvHl1PNN1XyN0znNI3ccL-IpV3Zg-JjXLdUElTk5G0ZpYxaLOeFrIHtvYu5VxNob16vF0B4oSs9Dc8DEGqXny68xKrhSKKmfJULYG2a43EUoxLGVFNt_oFpBPUwCbdG0C1_6PwbAFikK-jE9aS0dNc4sd0tmD5GKeSvoruxIqiIGy6EY91gvUCT91sKubC2nRA4MXkQzzS4XmHzFKgschgNBIZVCCVdeuSIKIvumr0BOj09ksdZzzVw1h_3sYcthbC7-y7axQofaiC7ZDv2ZAyVyNw06AWlpj39ZV9p6S-PVrZR_WQSQuer-n0l-dEKpzfCBQugtAjMl0K9ll3RnPQZIto4RVGGXXFDsw5puokuZRM5oOz3ucNe3rTpEm044s6gjt_aip46YcqM3zqUsfXbG86syvU9C2T0rJrFJ1oTZlptlswiDeslJlsjVay_xft_Mwk83c7Wf9CW1L6HAP-Q410rVJJ9Ho5kZ55nyFk-xcNwLtHfcv8suTIldiVtE_oM2IaastutZGOEoMg6yT-cjTeBewVknp7cF4PTKFg0_Ffz1ZZzBmWjXdrwCth7VUWq0mtnECzSOcuECzWQjX3vK9j24o360b_uBue-IJeSmaRCI6aJXoFTFs9LtE-p9HBVHWmHY6Nu97Cz7SV952b8IJO8twF34RFGaJ6CH52GYZtWGvpHxUb61U1WuLt6xXxr7-rfHyuoRwajmZGJxt9HALgdG2qHnYaRtiJyqnD6YRPeS82RCldZjk3L1dHuXO5tSIyxYZWk5GMRJQGEbSiO_D4uliVys7PbvyvNkFpL8HO4YQ_JXJFedxuZt-P6BJf3Tm63Q7ah3PDusMeZH3FGd67M6Oa7vkD-YkRMHjAH_KW1znzFCLpPhj1KYCvbkphxkq-Njg7J6tL7lC_JiIAdIcTxonhp1BdgkqfEXliNkIzai_aPBWtyj8WSFrBWCV4e20GFTZaNMLNPNknE8lFrF6VbWYjYMI39bQQftCI-gsPd63pTnD4OCYOsEh9CywUIVBOiVohNBHHUVN4H2LGqXN4mAYRYyh9Rv6Hc-zEqtpecniL_vPi_7vtsSyzd7RXAq85C8rn7EEKdpw986ve1iXpUfEZD_dj4DE9jM4a5P6IVObu1CVzSQmUeYra7fMcNH-CA0HBlkeN6YzpKsQeMif4qMp-tRox5M_MfHDq1S4JNg8zAVU0ipvuErk3gee2Q8tsolbzC7FHOtFRXXfg9goJa8_6Qg62NB4t9baNeroPS0m1tHvu7GpXUmMUtdQ0zw3uWgDVRmFKYTJ-hMbDpOcuYMtkoS4EfnBT_m2F5Lx_oAYTzUgeKh1yMbLZyknv8nlxB2ZF_qRCDFw4KFg_jfnoCz8XOTmhF1k7dLVXvUT0UjhbyjtGEQ6JZIURon0_bhPC3KHnwHcaWbxIM9kJNo9fuVDeLkpJPzOvp-mvHMoqI-YuM9BjkebIfJqVKF8S5vCrO7bVXkGswR8zjnSGpj3VRhKRW5T_0p0O6EHMmqqSohiARRatO3p74H4kaIeDAlKW82h-SJbqI2pHVCEqd7vSKGEYWM9JenVz_AiypjD9aSkYU47NHL48Nsm7Brg7fPvf45dk3EC_4APWKVufg1dhbptbQJ44YdOVl2axbaei3UQH7mKekKOhkUf1PzeKqxnsbvX934MDMAdwsb56Jg95XKw9_-GPRnN0yLUxYZ58eM6Mj9cPt4WxMyuAJkrqjrsbWfKqqgSlhb4JAnUAy-0XUymoCPRf_jq0BcNtv7vJyB7aJQAjitQ1bekOKil2n3rYyVnyzKLLVpdvzIrPjhbBdJvrDOdSjQPi8b8ivtVMDl0GtwuYW0xPB-U9UCloyYCcrWXfsy907vetjC-fdNJ_bK4P-cB6dyObjeYVm7nD9YetqFYPGmYb7kELjtrH_XKUlrMEQ6mFCX97URfdOlusdz9QBB3aUEWe0B0m4AzybHVbLR0xfV8fV_Pa8yNJeAOoglbUun-dVRsdNHXDx1YVyTHAkKcj6O5Q8tnuDj9Tq5gaJ5TY2xDXpLcDmrKtayFqHJ-QJrr9TKOVaS58y9MeRfKH24EJE2Ll7vHjWPjrqKZ1HLxff21iemMh5F4Ff2y-4m5qyUoYKiSUeop8I1n_jye39D7xORFTL49mBpyGEA__x9CSIahviWHm-Oak0bZcmv_cUrx4-z-6paz7iVrETBZeCKI_EHqrqEAMbGeopZ2QHFqnNCXmIUHQmkdvOZJfQfziUUmsbeQ1CLGeSgD6UJP5K8kYP2RvX3U1erHS7P0Nen6AJjFCxVze5x4AUxsyne0zZkFGX9tMZR1uDbbJBmtjoLdORDzfz1Mm7iSeNPms2UxBPYBpuP-XuXrunKCNWQYr_8S6pF_-Q85LMAek7Z-NQDcudqzj00UE_qigOrDQ8LjBdYj79A71XFWw9q9Y85tvLRpKx-cAJpg5RD2UGgR3MWja8TkVe7whIENRBz7pDUa0s1Y-TqdW-gEz1vAbX-EG9ziEI-O3Mh5RuYknSjZa5MAjJy1y8_bgm5jxmGwoaCbKnNZFCj-d6iPpJylKFuufvShGQGImmAO_8CSBWy4vbIkEs71A3B70cLeVJVUTc8i5UPPWQsycZkDf7xttgr254RmuB_wKGHYTIrI9Z0UBBge5YZ67fdbtsL0Xy5LK6jpKF8Ctf-QetcirvTnS__X2GfHNYkVjZkHFR4k7S79uyjS-rXFlFaPD4yy78jGfex5mXUa7PwGq2xbxgbqBHJMtHIween-8fKJc0fx84718Ms_X6tYfb-SYsVYSwS33YW-770Nj0Ksqq-kSvjtTHluFN2RweBryNo16-EK7TEbVAbPs-GJajMlkGcT7I12nXWZpcWMwoS8_-ioyjoXcrbiE6QV5OtjuIrvJ_A46nLrKeKzZfs9e1YTILRrJm50eL3jNZdxoQuLlNP_26oD3niqGUe2asqejuCkljtC_gpZcoHnvWH_omOrxbEgcfyrdwEDp-DX-59h4hZ61JvASUEXQYsVw_mejFU3WJz1oLxmz-ztTY8zGk-OqVb_bC67vgVnUEixA_X1G93N7BO9LXnUosoJnQaRIfnqCWbUEQIj7a7u13NIPZl-8lXUDFuTd7FSFMoJ6U5atwxAVN9vV0htyC4byGWM7UyZtLXIKnd6AzJN8KkjlzLQNFGdEyxxM039XleIrk_w53pzN5POF2&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=8472963844570602000&adk=2086295851&idt=656&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee077bc2beaaf1687350fbd0f6233bd541cbc2618d7ae4da233c550569c67b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37198
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A7AE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10c007981a4a743e20370a98f01d87b29d17ca9267aff4494f455ca5d6e758a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4C14 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26e7ec97b3a9cfe49e630a825ed644722eb1c76d5ad26789c7a077a996cca305

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A386 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:31:40 GMT
truncated
/ Frame A386 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d7c4b9967766d1d1da2d1f817646ac4da38bbff10062cba2148f0c94d9ff345

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 25 Dec 2022 11:08:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
575914
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=lgIE53xoNkNwTWQ0V2Q4Q3VJaEEyQzNLTmE0VjUySFlyNUhyaUttSlUyeUoxQ2QxVjBrQVQ4a01TS0V0RUYrQVE1akN5MEtMVmhGT3RjaTlIMlZKTVdOUDRYR2NFblUwR3ZGc1didG15U0hNQzM5TVF2akdrRmx0ay9RNE...
357 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lgIE53xoNkNwTWQ0V2Q4Q3VJaEEyQzNLTmE0VjUySFlyNUhyaUttSlUyeUoxQ2QxVjBrQVQ4a01TS0V0RUYrQVE1akN5MEtMVmhGT3RjaTlIMlZKTVdOUDRYR2NFblUwR3ZGc1didG15U0hNQzM5TVF2akdrRmx0ay9RNEpKeEl2NExLT2s3WndaUGxtSUFwRjJhZGlBUDczcXFSYkdFcnFIRWYvc21DQk4xMy93NVpkZnhPUlI2dG01TXVld0dlN1BHM0ZTMzNnUnVnK1g2dG1WdVhZdWl2UlNTRlFJcW5uU2dweURrNVQ4TDdlOWNHRTQybytyZ1lCZ3hZSVY3UmdoaTFsfA&cppv=2
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
138b890b79c58847ee5172c0f44fbf7f995e0e0ee34d66c65027b7f660be1a1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1093865
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=lgIE53xoNkNwTWQ0V2Q4Q3VJaEEyQzNLTmE0VjUySFlyNUhyaUttSlUyeUoxQ2QxVjBrQVQ4a01TS0V0RUYrQVE1akN5MEtMVmhGT3RjaTlIMlZKTVdOUDRYR2NFblUwR3ZGc1didG15U0hNQzM5TVF2akdrRmx0ay9RNEpKeEl2NExLT2s3WndaUGxtSUFwRjJhZGlBUDczcXFSYkdFcnFIRWYvc21DQk4xMy93NVpkZnhPUlI2dG01TXVld0dlN1BHM0ZTMzNnUnVnK1g2dG1WdVhZdWl2UlNTRlFJcW5uU2dweURrNVQ4TDdlOWNHRTQybytyZ1lCZ3hZSVY3UmdoaTFsfA&cppv=2
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
744578
content-length
0
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8703 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 25 Dec 2022 11:08:28 GMT
ETag
"623de86a-cf34"
Expires
Mon, 26 Dec 2022 11:08:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1AFA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1671966504497
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 9A8D 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 25 Dec 2022 11:08:28 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame A874 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
922
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77f11e748e86bbf2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:28 GMT
expires
Sun, 25 Dec 2022 15:08:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 96FA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c90fc54b1726fa1031bb08365af385cc1e3efca08f8f236e621ef0f119e144

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e742f7b90c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:28 GMT
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 004E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Dec 2022 11:08:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 075F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=67582
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 25 Dec 2022 11:08:28 GMT
expires
Mon, 26 Dec 2022 05:54:50 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 85D6 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 25 Dec 2022 11:08:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2C17 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1671926400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 25 Dec 2022 11:08:28 GMT
ETag
"623de86a-cf34"
Expires
Mon, 26 Dec 2022 11:08:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 11:08:28 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
index.html
s0.2mdn.net/sadbundle/4909879444082661474/ Frame A481 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03d38f615d199d1d4a7d887dbbce000111904f707de87ada964d5ce913d6c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
495850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1307
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 17:24:18 GMT
expires
Tue, 19 Dec 2023 17:24:18 GMT
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A386 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYZuI1PEFtGkx1h01lVfDKAH5Jo3csb-ILFY1ARjeh0S1P8TGnkGvbNbrZ4iIf1gbkV2d-vMpfKv8Iv_XwcXFmTQWYHFe_oSNOGcX7_7t2aA_or-pECBx4oMgwgCOtaZ7NrJjQ0y-14ZSOPzgjS3qEnkbDN-YCbLxWytWjU0Mb3krBnLHzX1xbjZ9zaELqLqyJdOfB1-wmd_rQZD-4PJ1F6I8lzKntqreV1bmQG2Re0qNr5Oh1LOsIuFedX_e4__-80wnf5B9idOYTExou69zjweitkQKj1qLfwnzx3eWFCqx5GmPEaiK-iZDKatzQ9psCnth_hF438xn7BIs2-YAfo2uvKSzF0Pr-GtDL2BWXLfp7QsjfMLsP3pL7YSPJ_O5k5daYf5l7VcKDHD97QNJYZx6fmJ3TD6g54q1XaAZM6Uz9lw1Y_YgQfMtMDea6hH8mdZNSIeah237BGS-WzC_C_t0n9OwuxHbWLUWqHX7xqp48dZzhW2UE2Zlb1zbb-tBIIDxpUHGYd93EKSAz_jyQ_O24eHhhB7vFNuKAhjWw0Mbqnymx3E2wlFx-82boT4rgXOWu5pZI2N86wyoLWSouUCZlm7gbR40W9Mkeyp2iKRv3mC7mVakoYpoJphmVz0lEQ6vaWT0dOZtNAzejbI_eH72aB7-zjnilND0vbgmO6AZEgfqQCTwafUjnGeqPReFzYoHH1uNUMfqERbZK2yijclEl-p_HTuSLKTTIuWPqcKwtJJ9oa7WsYKY4e-HDn9l1BzodzRWJz2U7Jyj04TuoJiqb55mCV-23sRXBYnjUrB5rqMwVI38sqBousC-eaXSdHqvo-x_G_kKhETynt5EWkhFAMB6yJ3JZcC1TLTwBxO4raoSPsgpd192rMieqvD1keh6Bcj49D1M53rKg9a7e4yjCWKUqf9NPnjHHr5opLaAxcGk_DMq474UG5-VDGjjwtf2368zecheqxDuaYoIYbu1Wp9hrwtXE4QCRY0Ki9rVfAJ50-vs_LkD1Kua1LLIIjJB1lRg8ALeckxQf8Es-AVveL-1tUhe1g75INepUOuq5tbh54HBSj-pELWiIok2mf5cF9ABC_-1JZ4OKPFDzZeFc1E2blrR7l9INL8aUHqzWrWszNtmK0_j_uO5OLGo3AK7knEm95d_iuXfAiDIQA0TpplNuZYZkHg-m4NujMRxFQsqrt3lVSDWHaYPLSTw&sai=AMfl-YRQv5Il0wwZjA-LBnxQ0YdvpKBDzP3gzFv2urLIXRQWPOZOI7mNOsAOsJz8hNXAbv05PLBbjLOPNH72nT3rnEH22n8uhcJ0pSy9RkxkrfWCDcZ2jxLvppeclzAltuj0ajXh78i4OdpzrTIi_M9Wk3cYPGi7UFKuqOsbR8t4Mywdro8Y9QPHP8xD2TXyiMHSGg-UMfplwUOmvkCrDx9PXy1RxutlfEofnlXFv2FeHYNJLgBVfflPL0BhPKy_mbkpWlao-FFPlnF90Ds0sIA1F1eTtAKBEE69cwfDGh0&sig=Cg0ArKJSzLHmb1ppYEqmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1729&cbvp=1&cstd=1722&cisv=r20221207.31397&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 25 Dec 2022 11:08:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:28 GMT
tag.tr
red.vtracy.de/ Frame A386 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://red.vtracy.de/tag.tr?tr_adid=k29065961_s3021957_p354299892_c183209266&tr_mid=0&tr_sync=true&tr_uid1=DC&t=3906291836&gdpr_consent=&gdpr=
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.215.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-215-64.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 11:08:28 GMT
Server
Apache
Connection
keep-alive
Content-Length
17000
Content-Type
text/javascript;charset=UTF-8
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 350E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
184917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Gaze1EsKphq%2FVvImyxkJA0p855hMaAM8NASJhXVtrCqWAnHpUTVnUqID6FptETneQA9WICHGaHlHGWkuW4HPAg8%2FpryQoNE4qWYmVYDlNfM%2F5Tp8CJsi2s1ub5v3xafuHWM4xDh4NUcs13JSyROHuar"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77f11e74e9b22bc9-FRA
expires
Fri, 15 Dec 2023 11:08:28 GMT
animejs.js
static.criteo.net/animejs/ Frame 350E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 350E 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 350E 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
img
pix.eu.criteo.net/img/ Frame 350E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=128&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F220816%2F1eef614ede114d069a54e5257cab9402_logo_colorset_2_square.png&v=3&w=596&s=0V5gOn4jQcHkJmvo7dQbeCw5
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
81277ba123bd23d362a498a0ef8a241851ef813e0226bcc86483bc4833657e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30463004
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12106
expires
Wed, 13 Dec 2023 01:05:12 GMT
img
pix.eu.criteo.net/img/ Frame 350E 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2Fadb1b255a8a44e859d22e584c7a782d4_img_square_1.jpg&v=3&w=1200&s=01JKQy1uWUfNL-3B4pN9nv6f
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30863619
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
110076
expires
Sun, 17 Dec 2023 16:22:08 GMT
img
pix.eu.criteo.net/img/ Frame 350E 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20149819-oQui54vN.jpg&v=3&w=400&s=z9TNHkHNnUfZs1qq3aDAcLu-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
be3f5035c6ea44640ca2f468d2de829b77c3d9dd500d525afc965d7ceafef06c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=296658
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27004
expires
Wed, 28 Dec 2022 21:32:47 GMT
img
pix.eu.criteo.net/img/ Frame 350E 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21186507-M6qrgKJx.jpg&v=3&w=400&s=xN6XUxkzEAIBKART0l6QPQzN&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3845fac52a38850d1badeea495a16ea5afb2aae87b1025fe65891c82cbc2860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=239058
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22232
expires
Wed, 28 Dec 2022 05:32:46 GMT
img
pix.eu.criteo.net/img/ Frame 350E 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1597684635%2F20190048-SweJPMal.jpg&v=3&w=400&s=Ipn6hm3L6fON9tT8MPYliPE1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
09d3ddf519468c26889956c830c25e3a25c79a3a5e4b8e598927a28292412363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=468190
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16738
expires
Fri, 30 Dec 2022 21:11:38 GMT
all
csm.eu.criteo.net/ Frame 350E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=GXJquEBEE-4gg2IyAwYcevAiFrEFVmkGX7qHbz6N7yQfPSlssXuCh27xAJlu4mHZxUpE6_Xb-jrLSpLFivKGhN6RXZk7Nhu7_fC786t9PtCTA2iFUINCzwUDvXMbjEs40YfynOgpm0OuRPXi1Yhv4stXqBOLlrOf99nIXsvwEFRnBIFA9fXTZoG8fD4M27nK9qtI0uuuYbgEcm_4DHm-bS2Ox1ZL-_D-6s4rB_Cb3nZ7SfYcG8MWZHRsDGkersqBEBHeNQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 350E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 350E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
usync.js
eus.rubiconproject.com/ Frame 004E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc86d55a194928bdc42584b7b317ba3f5b8e8b7f634d4c03c7013e0c8364a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 11:08:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 25 Dec 2022 01:35:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51956
Connection
keep-alive
Content-Length
10067
Expires
Mon, 26 Dec 2022 01:34:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3043
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ec763a8-2f2c-4800-82c4-1ac66ed396f8&gdpr=0&gdpr_consent=
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ec763a8-2f2c-4800-82c4-1ac66ed396f8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 25 Dec 2022 11:08:28 GMT
Expires
Sun, 25 Dec 2022 11:08:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x30 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ec763a8-2f2c-4800-82c4-1ac66ed396f8&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame B563
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8583586796627608472
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8583586796627608472
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8583586796627608472
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 75E2 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:27 GMT
expires
Sun, 25 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
516290
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 37A3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2546D8BD-510C-4044-B55E-2B921A9DF6DC&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2546D8BD-510C-4044-B55E-2B921A9DF6DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2546D8BD-510C-4044-B55E-2B921A9DF6DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 25 Dec 2022 11:08:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FE168NGZ9EXSKGTKNP31

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 25 Dec 2022 11:08:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2546D8BD-510C-4044-B55E-2B921A9DF6DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
B594SQRMX71H62VMJTVE
Pug
simage2.pubmatic.com/AdServer/ Frame 0569
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9066383568577469336&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9066383568577469336&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
bd333aaf-5d38-4213-82f2-bd8fa44bf20b
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 25 Dec 2022 11:08:28 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9066383568577469336&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
2546D8BD-510C-4044-B55E-2B921A9DF6DC
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame AD31 		0
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/2546D8BD-510C-4044-B55E-2B921A9DF6DC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e765a3f90c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:28 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 18EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JUbYvVEMQES1XiuSGp323A%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=67582
accept-ranges
bytes
content-length
5554
expires
Mon, 26 Dec 2022 05:54:50 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 18EC 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=2546D8BD-510C-4044-B55E-2B921A9DF6DC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77f11e767b572bb4-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 18EC 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.216.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-216-185.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.44
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 18EC
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1055312138
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2546D8BD-510C-4044-B55E-2B921A9DF6DC
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2546D8BD-510C-4044-B55E-2B921A9DF6DC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
via
1.1 google
last-modified
Sun, 25 Dec 2022 11:08:29 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2546D8BD-510C-4044-B55E-2B921A9DF6DC
date
Sun, 25 Dec 2022 11:08:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 18EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjU0NkQ4QkQtNTEwQy00MDQ0LUI1NUUtMkI5MjFBOURGNkRD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 18EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGpR2AMO6Dsc-fpUXTHIpqs&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGpR2AMO6Dsc-fpUXTHIpqs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGpR2AMO6Dsc-fpUXTHIpqs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 18EC 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 24 Dec 2022 11:08:28 GMT
generic
match.adsrvr.org/track/cmf/ Frame 18EC 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 18EC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7621813348636885045
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7621813348636885045
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7621813348636885045
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame DD4D 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:04 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e0-8a8"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
sourcesanspro-700.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame DD4D 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:06 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e2-8a8"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
animejs.js
static.criteo.net/animejs/ Frame DD4D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
img
pix.eu.criteo.net/img/ Frame DD4D 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=596&s=xBVRpdhIlVFC6CNuh8oSwFjC
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9d3b426eab31bb93387e03383277a793a0347d1ff89a3a558479f674dc811e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28480648
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19739
expires
Mon, 20 Nov 2023 02:25:56 GMT
img
pix.eu.criteo.net/img/ Frame DD4D 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F21%2F6%2F3760260457354_0_1624021854918.jpg&v=3&w=400&s=CJvOBHamxvJ_GxpaCHHLkDjQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9938ba4bb49c0e231ed1d0c838c8c8be4093310b7211bc1651a678ec57230a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5351375
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8806
expires
Sat, 25 Feb 2023 09:38:03 GMT
img
pix.eu.criteo.net/img/ Frame DD4D 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F10%2F100132878711000_0_1664897741122.jpg&v=3&w=400&s=b110WqJCmsI63zsfK_Mas-k4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3e205b7513de3ee7d42518eb06d335e5b65f3ca304309ec450dc18d514c4456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=6204558
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4584
expires
Tue, 07 Mar 2023 06:37:47 GMT
img
pix.eu.criteo.net/img/ Frame DD4D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Ftradebyte%2F02%2Fmedia%2F2514%2F2236533-6349f329570f8.jpg&v=3&w=400&s=80_BoiDdXFqoL6q56dF-eQ-j&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
1e0070fc411918cf0d31f55a58250abc08f2d745ed04191c0c237df3a5b3c746
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5357500
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2816
expires
Sat, 25 Feb 2023 11:20:09 GMT
img
pix.eu.criteo.net/img/ Frame DD4D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F8%2F100134207113000_0_1661187399494.jpg&v=3&w=400&s=2xpxl0djK4TjDK4eQDjvuAzP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
087c3619139052fdf6b632754ea281396db761a97c45c6bde98652aeeffd12d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5679768
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3100
expires
Wed, 01 Mar 2023 04:51:17 GMT
img
pix.eu.criteo.net/img/ Frame DD4D 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Ftradebyte%2F02%2Fmedia%2F2514%2F2250107-6351e2038e8b8.jpg&v=3&w=400&s=CEf2zvMrxjrZzxRhEoVlMT0y&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6dbe3a6bd4c21a6ae12fea9419f370d1a1b0f4145ba0b0075ca7129ab1beed12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31985
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2300
expires
Sun, 25 Dec 2022 20:01:34 GMT
img
pix.eu.criteo.net/img/ Frame DD4D 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100136191715000_0_1653524557497.jpg&v=3&w=400&s=n7oT6hcv0I2ndHqX1LZqfeG_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
146fd5371c16ec55c85e9053c6a0c38acc5effe5ee9cae931f12e256d9441cf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=7763747
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5576
expires
Sat, 25 Mar 2023 07:44:15 GMT
all
csm.eu.criteo.net/ Frame DD4D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=R-aKnUBEE-4gg2Iyh8exjU9UvsP-XerQCQVfkldHEF-bQTAJYcHWGr-6D1HWiiZaX8ALUEukvAyCD7-ma-I3yil13BNHapqwUYhfEWDs3EHIJY33JTWa3HTodrESTJTsnwES9RnDSYXjKaCUOdY1IVQ5IjAF9fXqLd1Rllu1nRhhWIvFtW-m2Mszx08RJ3PRCywhgOrz7L321UFGbJAO02YFERWD12w9xlrJmpMKbZgamkw8Den_vPH1i4XDlmTTMq7mFQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 25 Dec 2022 11:08:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DD4D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DD4D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame E7D8 		242 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.214.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-214-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ff38736fe443f41d4f42ee6db1ae8a6b596fe4003a31b0b6fd66e8222161f391

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E7D8 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Origin
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 01:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Dec 2022 01:05:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame E7D8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKQe9mk893aFgCfNqQ6Tquj7FzgA7R8t4rDjGsSq4JiOrsQAe6uoXpoSEi5KOXakPHLseL4HrAXcO52Ux5oMkoX47VSunvFTmcgqMy4BddpmG4a5EJ7VGUbbKB42qZMlNXHOaMOHN7b1AI4b3PIckwqaQQLK66Gd-_gIrZokPxTTSMNiE&dbm_d=AKAmf-Cr3mVYUoy7-ZSQYqCXH0lpFiB_eCFdlQec_LbfUx2_uug_gXgfF19UIvC2NNMAOZ7UrjlV7TUAXLSDiOwkhMJtIpWmMLpu4eACRmcTdsAzthupDc2I7Jv6oNE69G8SniL-DV4ROJTgzKBxxW1Zj2k4KWEB3-poQfPs2XkNOILXnqUN8VTgvEBFJqZVRE0Ifjv95ZB5_TV6r3n7BH2URXuNZe1T6EbMmqkKz-EKPsPxKEowT-Pjen66bdxmr2kBiWgJe5cMhWC4hHbZKxFyNKfme5wJjgk5rEyri0t0qmNUAl2i3wxHfLkMg8bVc-Oy2VvYALcjzMSvsrkN-lSzTbTHJ1v-6V9IeTUsRnG6tgppw2eXLL5wAjEskJfRI35nqr0-nSEj647kunwUKSYeZEz9BqwPKeq7daYJyt-T-MLWtRaMxuoxfX2r4mK0n7_8uNrqLGOAoa3tpSrWKZMmAyc_hSHBy0Ny16q_hXpAfOmPLHJweYFmZMehnjdKHUD2GQT6JrB39CJ2nHKIfXJuotGpw1WQK8dd6_DjxgehUuhF_Nbn0GFyi8se16VexuFriN8AUqfdEnAQoZhbY1C8qrPjYVfrjPor6Jy9anmVKP65JTpKKx6zZfZfwEafyRWe-MU8Y7TE0eB_VvltHJG6ZFzFiFa-Th0K6d7XeLpgFMNmVgVobYyzFQPMnWEtK46niISnqVvZvhYaBPu7WPGXctgHqMgHu87FWUyUacjWU2e4MSnWZavpV84mXQLy2lwfqMEGHASi02GlL3MFg1KBJH0Tr5hM9b1ZjKvzc4PgJlW-OOh37QaatfAJAYwmM8Balg2d4XNF6W8RHNsX5mrqvBS_pN6xwOuBmxpuZlhXqAjqp0PL25tgT8sLGEhgJ-lCxTxUeqsroNfXalZFGmxwnTSAS7AkYeylPx7A3jI0f6fgb1ZewQBzNuYUqiblj076sj1hnB9p7drM60aBWGYEkPP9awOlXBG7ZUd_u6SFQrg-IUt-XSx2IifyLK-RyZ-oqKu82u4aSjDozIOFwEgj4Ii2vxAeUmWX0z9KV9br6hgLRC9lYsLBnyVhHmWnfp6lxdcT8YVIfiYL73QVO3PSbavRrX4NGPjBQ_I9VNigtluZg-yf4h2ND0RBVvwaH1i9xt2pvRSIhdLoNqMUhjr5PR_A1fyqT0xXDVF-x1SuzriJINZdzayyAjHlhpT9P7BsOmncQjHFuZHr5s0lTAs7mtOhe5kBt5E9NZhN5aQV0NrPS5InBFsjyxOCAtmFl-ymxKMsSN2PmKgfwegb8zSFyAFjsIMiEuWDrDYIqzD39ZOQReCreBtxgJ0lGFCGVJUaqaHHktPSAPLWdE729aN1SERGWSKsob1gQtBFiMu3OQci5pYeOH_t4ddjbPpnIerDPwc8NtkVf2oBFLA6s-GiNCqocjpm8xG0F2Ej9N7uZj_t_ICYdocabAJxzdW3BuLOT8iQjc_-Fko0c96BWb_18pDOPQ55vx7C6YOJlu0jSLYQVbBzSPAKP5HhyE0L2SZSMGwCqC2XrZEpoDESMwmlle5HoLZsiboT9IeyWwtwhUHSPlolMS9iHruZkvPqdV1vjF1iKjbBEX6C9QqzGUin4ic5BNIrF-vmHhTjrTNKIcsCpe-Gbdbl5Q1uoFxT1oUGrVQWuJgcv9c0L3e0uX13mUXzn2-9i6FzcxUqGX9-wl9YALA-sV9ZHfq0KkCbdpIp9nFyJDZmO8GiIYASS30_QMwP_rm9vLrJH7p0K2YwjVpZ7dts4bhBPpqwGr7OqQH2-HvqexeRhstDw--DWdlK-oWC8KZHgxux8K3q-L0on6lF-Qv6SRqt0YnrV2715nmnhxD2glVUzdYscbu6QLCEX79vuSxmjP13016suctivrd80b6ojz4Ve8fHCrS5XBJHzlrcXI2NXErelc6Lhf8hAtXP1hDYapYTIS4dkVPm3-3F2xxFK5yj3hwgvsn-Vn92l97DxaRCaA5lHcElbmX4vKcawUGkwGxG6tux70XDA3H3HwupipG5eflIjEErc7G_VDihLE9tTRSl5uXbpMnRATqRln4ELpdYJlA-Xvq8UK8EPrRyg_a9cIIcyrXjaGuPTYJX_6Ic9U7XRGIooE04uxlMu2FrOzGMAiV2Pp5QcCGDLz_m8bU1qHXHmfwvbxCQLWvyC_PZsvoAKkA4j3E6B3pyNEWMU4JQzlQT7YxyRo74A9T-dtNa4cL0kLxbnUsFrUVsuYkV0_hijaUz8OvswV3lGWcSvSolNMi0nPRiT-dTiDuY7qrl4mLr4TxtEWPzwikG7CgmVIahtKnsRq32cUkH4BfxDEIBjuoXWEz8fJPucBp80kn0FxT0qEaHy4IwpRETK8XXVCY6ShAKQ7sqSFS1NuTmn0pgZeflAeFLrHtdCbPuYm8YBux3U287nZUV8HqNcHcrpl0v3k-CQSs3CYvfpfjB5X9lgZwtR0hVBQ4npsQg8VYbLsPfgzS1YULBgVax8Ze2RjqYf5kE07wmqBp7WMgVhWalSTD9naUuJOytUElIAj3fO4qA1oK-Jj3dAan1s0zqw7kpLH18koY5sJcrjeoQxMzANKkVWIc9fRM92gMP0D49EfafO66DZXNIfuNahJGQx5iJWYybvNVIM-qICGYvlgmgIG468-G3nIEPko8Ojf5EMMweaPDxEfWTIZ4plRXCO-l-mJSIKuhjAR3iTmzTSqNNfGNWCwmYt_UUJXAd7u0MDoSP2uF2PGutYJOjvhIKuTj6uLKa-yDbBp4bd16AOesA1XFK4diSJZjDSUBUb48cklFnR63aHOmg7mtsMoAEuivc-MmpoVZ6bIqH_U3X8--OcDMbjtA2fG8j3pNuyMxXwYs5Bf9WZRc4N4o8YHJq9JNiJz-XJKitx2XiSAGqMy0__61XLGi-TEOGvgBvRQynTzxfaLqlOfK8y_ytUCxrcNK2enO2G1W2bwy2Ckb8tyIhhl5vpWn3uAHmhT9Gkargpfb6uFyNbySIa7JkTfVKNMduoy2JnMKdPHmXzQq1KtH015AvhZ6jfZ9TKMoICP74zitkmU7OB41GQMBrEva2riD-mfX4t3aSYZFMNBcQ68g6YdecwhKyXoXVzd-a2Y5a9SN61FK6LxzpPBH5UDNq5kgUaY94ASD_IkhTsmBDUPW6aeKM7zHEpUjmMaNC1hgmTVFVaazFVT9euboNrXSc7FaO9q0WTLXRlhttmAokX_CZMQuKABjv6rOmkESbKXnAcRAtFZ6_ukXtWm2IwdgUMWrzx0xF0dbWfZx-v5QJyKnTjaj13n_ZQwYy8xW36_l4E07B44Zp2FqhZQXvfgL8I4xP2LWh8dfbP1TBNIuC4wfwTgxD8rAvPnXDbF80H0iAzuEobGVg4TrYrO5ekXAyX4i_3frX43uPLlGhQNAKrCvq8HTph2be78JUv4WZ1EOVHeVO6g1XzIYrVzUzJ6uo&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=3505846035244927000&adk=943508955&idt=608&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 01:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
36163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Jan 2023 01:05:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame E7D8 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKQe9mk893aFgCfNqQ6Tquj7FzgA7R8t4rDjGsSq4JiOrsQAe6uoXpoSEi5KOXakPHLseL4HrAXcO52Ux5oMkoX47VSunvFTmcgqMy4BddpmG4a5EJ7VGUbbKB42qZMlNXHOaMOHN7b1AI4b3PIckwqaQQLK66Gd-_gIrZokPxTTSMNiE&dbm_d=AKAmf-Cr3mVYUoy7-ZSQYqCXH0lpFiB_eCFdlQec_LbfUx2_uug_gXgfF19UIvC2NNMAOZ7UrjlV7TUAXLSDiOwkhMJtIpWmMLpu4eACRmcTdsAzthupDc2I7Jv6oNE69G8SniL-DV4ROJTgzKBxxW1Zj2k4KWEB3-poQfPs2XkNOILXnqUN8VTgvEBFJqZVRE0Ifjv95ZB5_TV6r3n7BH2URXuNZe1T6EbMmqkKz-EKPsPxKEowT-Pjen66bdxmr2kBiWgJe5cMhWC4hHbZKxFyNKfme5wJjgk5rEyri0t0qmNUAl2i3wxHfLkMg8bVc-Oy2VvYALcjzMSvsrkN-lSzTbTHJ1v-6V9IeTUsRnG6tgppw2eXLL5wAjEskJfRI35nqr0-nSEj647kunwUKSYeZEz9BqwPKeq7daYJyt-T-MLWtRaMxuoxfX2r4mK0n7_8uNrqLGOAoa3tpSrWKZMmAyc_hSHBy0Ny16q_hXpAfOmPLHJweYFmZMehnjdKHUD2GQT6JrB39CJ2nHKIfXJuotGpw1WQK8dd6_DjxgehUuhF_Nbn0GFyi8se16VexuFriN8AUqfdEnAQoZhbY1C8qrPjYVfrjPor6Jy9anmVKP65JTpKKx6zZfZfwEafyRWe-MU8Y7TE0eB_VvltHJG6ZFzFiFa-Th0K6d7XeLpgFMNmVgVobYyzFQPMnWEtK46niISnqVvZvhYaBPu7WPGXctgHqMgHu87FWUyUacjWU2e4MSnWZavpV84mXQLy2lwfqMEGHASi02GlL3MFg1KBJH0Tr5hM9b1ZjKvzc4PgJlW-OOh37QaatfAJAYwmM8Balg2d4XNF6W8RHNsX5mrqvBS_pN6xwOuBmxpuZlhXqAjqp0PL25tgT8sLGEhgJ-lCxTxUeqsroNfXalZFGmxwnTSAS7AkYeylPx7A3jI0f6fgb1ZewQBzNuYUqiblj076sj1hnB9p7drM60aBWGYEkPP9awOlXBG7ZUd_u6SFQrg-IUt-XSx2IifyLK-RyZ-oqKu82u4aSjDozIOFwEgj4Ii2vxAeUmWX0z9KV9br6hgLRC9lYsLBnyVhHmWnfp6lxdcT8YVIfiYL73QVO3PSbavRrX4NGPjBQ_I9VNigtluZg-yf4h2ND0RBVvwaH1i9xt2pvRSIhdLoNqMUhjr5PR_A1fyqT0xXDVF-x1SuzriJINZdzayyAjHlhpT9P7BsOmncQjHFuZHr5s0lTAs7mtOhe5kBt5E9NZhN5aQV0NrPS5InBFsjyxOCAtmFl-ymxKMsSN2PmKgfwegb8zSFyAFjsIMiEuWDrDYIqzD39ZOQReCreBtxgJ0lGFCGVJUaqaHHktPSAPLWdE729aN1SERGWSKsob1gQtBFiMu3OQci5pYeOH_t4ddjbPpnIerDPwc8NtkVf2oBFLA6s-GiNCqocjpm8xG0F2Ej9N7uZj_t_ICYdocabAJxzdW3BuLOT8iQjc_-Fko0c96BWb_18pDOPQ55vx7C6YOJlu0jSLYQVbBzSPAKP5HhyE0L2SZSMGwCqC2XrZEpoDESMwmlle5HoLZsiboT9IeyWwtwhUHSPlolMS9iHruZkvPqdV1vjF1iKjbBEX6C9QqzGUin4ic5BNIrF-vmHhTjrTNKIcsCpe-Gbdbl5Q1uoFxT1oUGrVQWuJgcv9c0L3e0uX13mUXzn2-9i6FzcxUqGX9-wl9YALA-sV9ZHfq0KkCbdpIp9nFyJDZmO8GiIYASS30_QMwP_rm9vLrJH7p0K2YwjVpZ7dts4bhBPpqwGr7OqQH2-HvqexeRhstDw--DWdlK-oWC8KZHgxux8K3q-L0on6lF-Qv6SRqt0YnrV2715nmnhxD2glVUzdYscbu6QLCEX79vuSxmjP13016suctivrd80b6ojz4Ve8fHCrS5XBJHzlrcXI2NXErelc6Lhf8hAtXP1hDYapYTIS4dkVPm3-3F2xxFK5yj3hwgvsn-Vn92l97DxaRCaA5lHcElbmX4vKcawUGkwGxG6tux70XDA3H3HwupipG5eflIjEErc7G_VDihLE9tTRSl5uXbpMnRATqRln4ELpdYJlA-Xvq8UK8EPrRyg_a9cIIcyrXjaGuPTYJX_6Ic9U7XRGIooE04uxlMu2FrOzGMAiV2Pp5QcCGDLz_m8bU1qHXHmfwvbxCQLWvyC_PZsvoAKkA4j3E6B3pyNEWMU4JQzlQT7YxyRo74A9T-dtNa4cL0kLxbnUsFrUVsuYkV0_hijaUz8OvswV3lGWcSvSolNMi0nPRiT-dTiDuY7qrl4mLr4TxtEWPzwikG7CgmVIahtKnsRq32cUkH4BfxDEIBjuoXWEz8fJPucBp80kn0FxT0qEaHy4IwpRETK8XXVCY6ShAKQ7sqSFS1NuTmn0pgZeflAeFLrHtdCbPuYm8YBux3U287nZUV8HqNcHcrpl0v3k-CQSs3CYvfpfjB5X9lgZwtR0hVBQ4npsQg8VYbLsPfgzS1YULBgVax8Ze2RjqYf5kE07wmqBp7WMgVhWalSTD9naUuJOytUElIAj3fO4qA1oK-Jj3dAan1s0zqw7kpLH18koY5sJcrjeoQxMzANKkVWIc9fRM92gMP0D49EfafO66DZXNIfuNahJGQx5iJWYybvNVIM-qICGYvlgmgIG468-G3nIEPko8Ojf5EMMweaPDxEfWTIZ4plRXCO-l-mJSIKuhjAR3iTmzTSqNNfGNWCwmYt_UUJXAd7u0MDoSP2uF2PGutYJOjvhIKuTj6uLKa-yDbBp4bd16AOesA1XFK4diSJZjDSUBUb48cklFnR63aHOmg7mtsMoAEuivc-MmpoVZ6bIqH_U3X8--OcDMbjtA2fG8j3pNuyMxXwYs5Bf9WZRc4N4o8YHJq9JNiJz-XJKitx2XiSAGqMy0__61XLGi-TEOGvgBvRQynTzxfaLqlOfK8y_ytUCxrcNK2enO2G1W2bwy2Ckb8tyIhhl5vpWn3uAHmhT9Gkargpfb6uFyNbySIa7JkTfVKNMduoy2JnMKdPHmXzQq1KtH015AvhZ6jfZ9TKMoICP74zitkmU7OB41GQMBrEva2riD-mfX4t3aSYZFMNBcQ68g6YdecwhKyXoXVzd-a2Y5a9SN61FK6LxzpPBH5UDNq5kgUaY94ASD_IkhTsmBDUPW6aeKM7zHEpUjmMaNC1hgmTVFVaazFVT9euboNrXSc7FaO9q0WTLXRlhttmAokX_CZMQuKABjv6rOmkESbKXnAcRAtFZ6_ukXtWm2IwdgUMWrzx0xF0dbWfZx-v5QJyKnTjaj13n_ZQwYy8xW36_l4E07B44Zp2FqhZQXvfgL8I4xP2LWh8dfbP1TBNIuC4wfwTgxD8rAvPnXDbF80H0iAzuEobGVg4TrYrO5ekXAyX4i_3frX43uPLlGhQNAKrCvq8HTph2be78JUv4WZ1EOVHeVO6g1XzIYrVzUzJ6uo&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=3505846035244927000&adk=943508955&idt=608&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 00:34:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
38066
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Jan 2023 00:34:02 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E3A2 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Origin
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Dec 2022 07:35:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame E3A2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPCj7c8RYE3ZlSeGJQ2Ze5oVfvXCruYbNzG5eDAOOn2uqypGksii_Mk_bLqpJbj51RFbKCg9zyUuquWJzwOLRiF6QdytSEjMcY2cfBqTst4Lp19ZKR8rpvilvuQPDq3Dlsr4wS3k0UKH3lFBlh_UudJtVt0888XahVvYFcSz1CucqGgaw&dbm_d=AKAmf-AqRBOrvXYBYysHQSOF5dK4u3btDN6aUZeFnz3_MXcs0cWAaMTON5tBkfgyN6Bh-06SUNzGpeNyQnqi0fdNrgGdshmk1wVcaDzdtusaNlgrwmCvYLXhFwBODv2Flz7WPOVqr3g9Js8BO47cxJMQxgYXkJwH6LUwO5RG_HXFqlJqudNxr4lzHXkRdMLJ3Vl1HthwCNWVymhd-Lx_G99IOonKEjdcgmEWKSrucq7bPayznT6L1ePdEW05-0pnBAZvJN8Wamb99K6O6J9zFrm2D3v_6cWJ7eIRgWnV1GtEI-BwqTn7xpNDyww-J818B-5b2mIQ83EnGW1v61tfjlq1A-9upunlOOLSKqg4TBq2ueoAL1hNrM4gWcvORvfM4ug99Z8-RUfaL5Xbp8JPFyFZ2Wk3UjtYFv8n40KTCVdpBD7s9Zxx2pQp6EAaSGe0yLmExJjFHNlZqSOlV5sphZgcZGrUd7uC9qRA6CDbW6F-8CqANaxiOXTDCMnvzo_8GGZn1ssNSSJXStjs9Ffr8snQXCEhKiD1-LePePwct5Mj-FAJHWhgqbmPW9UmLukbE7Dg32lMpU3tzXpFXgdGXNmsQWj1x5tshF8LticAZMjHNYf2hrbG0BKKVDrRgD6OVCF7HghJNZrMIOcoYRhOfTs5cCSVEzJK_U6beVSpXZV-GtwHnkNGTRyHAPjhiCZnCF_l--EUVUgWAZQJmTT6VnOb53i-13ICSm9zjHwYUgbbOgCWZPDRLoQ9c8HI8wWejYeGDH1DjxtxukbtW6e41BTv6YcTIV7V4FzGWEqjP9Lqc1MLpg0ZTCqg6fGTsCWrvLe3nIi-kmRmf2jp8AbTrYesBDKK2z3uR5XCSBVsHcSdsKrnv_VgtveCQh3doNoTXvr4gbXUDuJoOZYPJWNaqG_bQKclC0oS6i9dVoOe6kyFMDbFUn0tzqsZ8qN5oSKw5BJj-_HipOMy7trKFrMOvx24V06iFQwPh1Hac_Rsk3VJo_OW35MKuDwNdqBTZjjpm6nWkfdmo6XV3AAjAMqlFqAV-0-Kls8fg0FuJduWYzUFb_ybXk8nN6EfOGE0vIhJ3s5aK16N-mRikUU6L-oWyYZvIseCmbs3Mad_gze3tH9XHVcjloetNknAJJGpxBvoX90NRzc8qzkImmLYyIhwO7yIgwvwRlOjENuflZTf1gbUPCg3Tzq8IyJbb_XicFBVD_Ym9kVPSkn8wdEAd3xVmIpHSNRbjWYgf90AmzRkFARK-F9SWypIp3EQPzuA2Jzpk6Ryzc_11bVHYx_xJ0AmPg1yZQRQakcuoQYOYht0PUGvG16nccbD4tNhcsUyOhtgNZoCyqI6vsKTiYGs37r0adN_NmCHDuWmUG64T_XdegwD1dsR_1Zuvz--syXBJYe1nQKMQrXewxwqMxM-PhZTyTL4L_rczh1ZImIfhGlMhn8-rmFTkZR5pwL9olpIJipGCWir42ryzveie7ozi-L9JPzgJWpliv0wPBOEn9XTIo71GVhzZtFE-haZ4u7SWy8h3_46Cte2z4IwqMQkT68y4yOUh1McsSzebDMZZZ45PHoNxQT3Fz3kr-KRQacWHbyMH_zLCR8ZF3HC0p9WtYxy7UrhuotsdR4EOdGulJejwYsbmjbtjRZnzHdPwuOuE1MUFb2QOgeExoWDE-hbNFVUOUJs-DgyqIotV1oxqCTpLZcFmDL7KiMUG0AzF68TeVvFj201DshOs7_6hv-O7yJOkDon3Czp68JOeEDk179Bb_8E-HPIw4UVdwEGD3H3tkkIR-T1iTlQsFzkWslgj_LEgqVDy4weVvzzX1JbpF35qWKpS_BZu4Kt0cGYTeUYgVzLrNz_2hOBI9Q-S2vEfHo2skGueuOq0_nrSs5ig0OHo712KG1sBhBq6EOXUtlYX9FLHuy-BJ0vnX-rfVe43_WikTQ4mhK-QzayHeooP09tdgIdOifpX3Ax8svzswE5xMDEa_rk3QouT3c5gBLbY68H14cfkxAo1q5nCtP6B65ruCPfoT5tmq4ePu5X2jIGWnadHvQS8gy2YT-0ziUM4ruZ9Y7fjOp4PUv5viw4Dbn1fI-mMUQyqa5uQIdsMjVcINt8WY1fw0sGPqxBVFKqnTIjsGdE5Wiuk6rDHhedMQgwl0OKsAmUzKj8xhCk5q4AyPezoleypmOFbgJQoiNKScOyvYNNz9Plg6HZBlR7nlMB37i2TKqnom6jPV3taOskxoFbvFV42dN5jbN0ga3rIfLQvpWO7cJm3tDTRaJmDjEHn9_ADHH9acFQMod6U8Rl0TvhamqfcXfaFU9Q6Xd4URpKzcHP0VcwctmuDZx1wPk7xlI275uqgjmnLZHPk3binK2nbVG-GqXr2lT-hFc9NeV4OD2gOPe60THzTyBj4twNlu5AfEc6Ay2s-25UY3bOn-g-t_Ukff1Rhqf98F1n7HYjpB0TOb81dsUZLUzkrq2ntYwUEC_ZQxM7-xBaXqIICDEAWPjCUklyUmGNe0YvqSk3Ve9TTZ4WAM6xj4kuNRGRAr-xxMWm8nxmf_SUHClTqfNqCdTiV1iH7YGAdTmjZi3jKagCWpwR4iXFaoUE9TU4_NY0Zk9RA6OtxdCG2HiXQSe0dKUSH6KN_UEUnInMKr7vTNTpnras80si-lxBYFa7j-vLAwNsS_pVDg1ChTSg8Docq66mGK38WhIS61PDjMwVof_KnHvObCF3q1cehIeWPf1D4x4rrgtA-4hycIiql3QLPep-f8KXF09aIHT81OTmcIGRZ3gUN-FHY2UiBzRhQ--vMfzpTuhQ0nHmHbjypEGLQsJ1vYgV0Fn1ioqLz9Qy77whKd8yFO5Ns1424_4p7WSel5mb1DNr1Uht2eP-bx9c6XKNDp3inww0xDG-4hSyFRhFhfXid2FDNb3i8e8RYHY2j38AB66oDEl5s8QB5kKAulZozXW44X0-WUCgH8hK3vyPySwf1zuIsd6f-J5SUU_P-fidqSPr3CJs_t2XBSmIbmkSG7zGFVXEKm1PJobgKdb2n5dTmhem-isZM4FB30S_7LZQ8f9WOZUXtzAQ8G8UZ5DGblJpapsUfDP771BlUAE60F2o_qMdFwDRkz0yvqpEscR-4nRkJyXSdR6v98oFTKphyyExcCrdIOaVPniZ4d5NLSsaC47N08jNqgQy-UuV5wGISDFfFL5GNWwD2lv6QhMX4SvBLlIXwGOKO1CkAi2LI8zqTJ2PkoX28OQOmwC6i71cOJcDppMaK-zyP-HH1vwKe7ElUA-C6C5mMQlOLZY97Lgr-3ZsjBmAaxjMZtQajEZhHVnpBe8&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11438024863911205000&adk=3690638929&idt=591&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 01:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
36163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Jan 2023 01:05:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame E3A2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPCj7c8RYE3ZlSeGJQ2Ze5oVfvXCruYbNzG5eDAOOn2uqypGksii_Mk_bLqpJbj51RFbKCg9zyUuquWJzwOLRiF6QdytSEjMcY2cfBqTst4Lp19ZKR8rpvilvuQPDq3Dlsr4wS3k0UKH3lFBlh_UudJtVt0888XahVvYFcSz1CucqGgaw&dbm_d=AKAmf-AqRBOrvXYBYysHQSOF5dK4u3btDN6aUZeFnz3_MXcs0cWAaMTON5tBkfgyN6Bh-06SUNzGpeNyQnqi0fdNrgGdshmk1wVcaDzdtusaNlgrwmCvYLXhFwBODv2Flz7WPOVqr3g9Js8BO47cxJMQxgYXkJwH6LUwO5RG_HXFqlJqudNxr4lzHXkRdMLJ3Vl1HthwCNWVymhd-Lx_G99IOonKEjdcgmEWKSrucq7bPayznT6L1ePdEW05-0pnBAZvJN8Wamb99K6O6J9zFrm2D3v_6cWJ7eIRgWnV1GtEI-BwqTn7xpNDyww-J818B-5b2mIQ83EnGW1v61tfjlq1A-9upunlOOLSKqg4TBq2ueoAL1hNrM4gWcvORvfM4ug99Z8-RUfaL5Xbp8JPFyFZ2Wk3UjtYFv8n40KTCVdpBD7s9Zxx2pQp6EAaSGe0yLmExJjFHNlZqSOlV5sphZgcZGrUd7uC9qRA6CDbW6F-8CqANaxiOXTDCMnvzo_8GGZn1ssNSSJXStjs9Ffr8snQXCEhKiD1-LePePwct5Mj-FAJHWhgqbmPW9UmLukbE7Dg32lMpU3tzXpFXgdGXNmsQWj1x5tshF8LticAZMjHNYf2hrbG0BKKVDrRgD6OVCF7HghJNZrMIOcoYRhOfTs5cCSVEzJK_U6beVSpXZV-GtwHnkNGTRyHAPjhiCZnCF_l--EUVUgWAZQJmTT6VnOb53i-13ICSm9zjHwYUgbbOgCWZPDRLoQ9c8HI8wWejYeGDH1DjxtxukbtW6e41BTv6YcTIV7V4FzGWEqjP9Lqc1MLpg0ZTCqg6fGTsCWrvLe3nIi-kmRmf2jp8AbTrYesBDKK2z3uR5XCSBVsHcSdsKrnv_VgtveCQh3doNoTXvr4gbXUDuJoOZYPJWNaqG_bQKclC0oS6i9dVoOe6kyFMDbFUn0tzqsZ8qN5oSKw5BJj-_HipOMy7trKFrMOvx24V06iFQwPh1Hac_Rsk3VJo_OW35MKuDwNdqBTZjjpm6nWkfdmo6XV3AAjAMqlFqAV-0-Kls8fg0FuJduWYzUFb_ybXk8nN6EfOGE0vIhJ3s5aK16N-mRikUU6L-oWyYZvIseCmbs3Mad_gze3tH9XHVcjloetNknAJJGpxBvoX90NRzc8qzkImmLYyIhwO7yIgwvwRlOjENuflZTf1gbUPCg3Tzq8IyJbb_XicFBVD_Ym9kVPSkn8wdEAd3xVmIpHSNRbjWYgf90AmzRkFARK-F9SWypIp3EQPzuA2Jzpk6Ryzc_11bVHYx_xJ0AmPg1yZQRQakcuoQYOYht0PUGvG16nccbD4tNhcsUyOhtgNZoCyqI6vsKTiYGs37r0adN_NmCHDuWmUG64T_XdegwD1dsR_1Zuvz--syXBJYe1nQKMQrXewxwqMxM-PhZTyTL4L_rczh1ZImIfhGlMhn8-rmFTkZR5pwL9olpIJipGCWir42ryzveie7ozi-L9JPzgJWpliv0wPBOEn9XTIo71GVhzZtFE-haZ4u7SWy8h3_46Cte2z4IwqMQkT68y4yOUh1McsSzebDMZZZ45PHoNxQT3Fz3kr-KRQacWHbyMH_zLCR8ZF3HC0p9WtYxy7UrhuotsdR4EOdGulJejwYsbmjbtjRZnzHdPwuOuE1MUFb2QOgeExoWDE-hbNFVUOUJs-DgyqIotV1oxqCTpLZcFmDL7KiMUG0AzF68TeVvFj201DshOs7_6hv-O7yJOkDon3Czp68JOeEDk179Bb_8E-HPIw4UVdwEGD3H3tkkIR-T1iTlQsFzkWslgj_LEgqVDy4weVvzzX1JbpF35qWKpS_BZu4Kt0cGYTeUYgVzLrNz_2hOBI9Q-S2vEfHo2skGueuOq0_nrSs5ig0OHo712KG1sBhBq6EOXUtlYX9FLHuy-BJ0vnX-rfVe43_WikTQ4mhK-QzayHeooP09tdgIdOifpX3Ax8svzswE5xMDEa_rk3QouT3c5gBLbY68H14cfkxAo1q5nCtP6B65ruCPfoT5tmq4ePu5X2jIGWnadHvQS8gy2YT-0ziUM4ruZ9Y7fjOp4PUv5viw4Dbn1fI-mMUQyqa5uQIdsMjVcINt8WY1fw0sGPqxBVFKqnTIjsGdE5Wiuk6rDHhedMQgwl0OKsAmUzKj8xhCk5q4AyPezoleypmOFbgJQoiNKScOyvYNNz9Plg6HZBlR7nlMB37i2TKqnom6jPV3taOskxoFbvFV42dN5jbN0ga3rIfLQvpWO7cJm3tDTRaJmDjEHn9_ADHH9acFQMod6U8Rl0TvhamqfcXfaFU9Q6Xd4URpKzcHP0VcwctmuDZx1wPk7xlI275uqgjmnLZHPk3binK2nbVG-GqXr2lT-hFc9NeV4OD2gOPe60THzTyBj4twNlu5AfEc6Ay2s-25UY3bOn-g-t_Ukff1Rhqf98F1n7HYjpB0TOb81dsUZLUzkrq2ntYwUEC_ZQxM7-xBaXqIICDEAWPjCUklyUmGNe0YvqSk3Ve9TTZ4WAM6xj4kuNRGRAr-xxMWm8nxmf_SUHClTqfNqCdTiV1iH7YGAdTmjZi3jKagCWpwR4iXFaoUE9TU4_NY0Zk9RA6OtxdCG2HiXQSe0dKUSH6KN_UEUnInMKr7vTNTpnras80si-lxBYFa7j-vLAwNsS_pVDg1ChTSg8Docq66mGK38WhIS61PDjMwVof_KnHvObCF3q1cehIeWPf1D4x4rrgtA-4hycIiql3QLPep-f8KXF09aIHT81OTmcIGRZ3gUN-FHY2UiBzRhQ--vMfzpTuhQ0nHmHbjypEGLQsJ1vYgV0Fn1ioqLz9Qy77whKd8yFO5Ns1424_4p7WSel5mb1DNr1Uht2eP-bx9c6XKNDp3inww0xDG-4hSyFRhFhfXid2FDNb3i8e8RYHY2j38AB66oDEl5s8QB5kKAulZozXW44X0-WUCgH8hK3vyPySwf1zuIsd6f-J5SUU_P-fidqSPr3CJs_t2XBSmIbmkSG7zGFVXEKm1PJobgKdb2n5dTmhem-isZM4FB30S_7LZQ8f9WOZUXtzAQ8G8UZ5DGblJpapsUfDP771BlUAE60F2o_qMdFwDRkz0yvqpEscR-4nRkJyXSdR6v98oFTKphyyExcCrdIOaVPniZ4d5NLSsaC47N08jNqgQy-UuV5wGISDFfFL5GNWwD2lv6QhMX4SvBLlIXwGOKO1CkAi2LI8zqTJ2PkoX28OQOmwC6i71cOJcDppMaK-zyP-HH1vwKe7ElUA-C6C5mMQlOLZY97Lgr-3ZsjBmAaxjMZtQajEZhHVnpBe8&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11438024863911205000&adk=3690638929&idt=591&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 00:34:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
38066
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Jan 2023 00:34:02 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Dec 2022 11:08:28 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634098/ Frame DBC2 		242 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634098/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.214.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-214-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
dc03335899ade7f7efe0b508cd892de15f460e53e0a6339fb23cde18be8bd9eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame DBC2 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Origin
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 01:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Dec 2022 01:05:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame DBC2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dd4bnkLRzBcXfjBFab0rcIJydlnB2ThMIU5r9CsYuyA3xY7FCz5ubcVBWiNgSka18yZr0sZR1q4hwwwg0N30nBQ8hQAvkEhWUSfwzzrx20NVaM63Xpr46HtZn741JZ6BfmT8rG3BM9bdrh7FDTd47sBmDCV67HwExVFrd0NWR1kiQVP98&dbm_d=AKAmf-DSQTb-I0DU0X2UuCOCzaZoEa93LtcvUKLsCEDVSwbHQiNoJiLDF7R_72i3cXC-gwc-2XEZaGxpAOF799TjVVLvQEc8PXGUHGguFj4LaLnWC6qAqgmhO2ua_EMoUs53EWvHl1PNN1XyN0znNI3ccL-IpV3Zg-JjXLdUElTk5G0ZpYxaLOeFrIHtvYu5VxNob16vF0B4oSs9Dc8DEGqXny68xKrhSKKmfJULYG2a43EUoxLGVFNt_oFpBPUwCbdG0C1_6PwbAFikK-jE9aS0dNc4sd0tmD5GKeSvoruxIqiIGy6EY91gvUCT91sKubC2nRA4MXkQzzS4XmHzFKgschgNBIZVCCVdeuSIKIvumr0BOj09ksdZzzVw1h_3sYcthbC7-y7axQofaiC7ZDv2ZAyVyNw06AWlpj39ZV9p6S-PVrZR_WQSQuer-n0l-dEKpzfCBQugtAjMl0K9ll3RnPQZIto4RVGGXXFDsw5puokuZRM5oOz3ucNe3rTpEm044s6gjt_aip46YcqM3zqUsfXbG86syvU9C2T0rJrFJ1oTZlptlswiDeslJlsjVay_xft_Mwk83c7Wf9CW1L6HAP-Q410rVJJ9Ho5kZ55nyFk-xcNwLtHfcv8suTIldiVtE_oM2IaastutZGOEoMg6yT-cjTeBewVknp7cF4PTKFg0_Ffz1ZZzBmWjXdrwCth7VUWq0mtnECzSOcuECzWQjX3vK9j24o360b_uBue-IJeSmaRCI6aJXoFTFs9LtE-p9HBVHWmHY6Nu97Cz7SV952b8IJO8twF34RFGaJ6CH52GYZtWGvpHxUb61U1WuLt6xXxr7-rfHyuoRwajmZGJxt9HALgdG2qHnYaRtiJyqnD6YRPeS82RCldZjk3L1dHuXO5tSIyxYZWk5GMRJQGEbSiO_D4uliVys7PbvyvNkFpL8HO4YQ_JXJFedxuZt-P6BJf3Tm63Q7ah3PDusMeZH3FGd67M6Oa7vkD-YkRMHjAH_KW1znzFCLpPhj1KYCvbkphxkq-Njg7J6tL7lC_JiIAdIcTxonhp1BdgkqfEXliNkIzai_aPBWtyj8WSFrBWCV4e20GFTZaNMLNPNknE8lFrF6VbWYjYMI39bQQftCI-gsPd63pTnD4OCYOsEh9CywUIVBOiVohNBHHUVN4H2LGqXN4mAYRYyh9Rv6Hc-zEqtpecniL_vPi_7vtsSyzd7RXAq85C8rn7EEKdpw986ve1iXpUfEZD_dj4DE9jM4a5P6IVObu1CVzSQmUeYra7fMcNH-CA0HBlkeN6YzpKsQeMif4qMp-tRox5M_MfHDq1S4JNg8zAVU0ipvuErk3gee2Q8tsolbzC7FHOtFRXXfg9goJa8_6Qg62NB4t9baNeroPS0m1tHvu7GpXUmMUtdQ0zw3uWgDVRmFKYTJ-hMbDpOcuYMtkoS4EfnBT_m2F5Lx_oAYTzUgeKh1yMbLZyknv8nlxB2ZF_qRCDFw4KFg_jfnoCz8XOTmhF1k7dLVXvUT0UjhbyjtGEQ6JZIURon0_bhPC3KHnwHcaWbxIM9kJNo9fuVDeLkpJPzOvp-mvHMoqI-YuM9BjkebIfJqVKF8S5vCrO7bVXkGswR8zjnSGpj3VRhKRW5T_0p0O6EHMmqqSohiARRatO3p74H4kaIeDAlKW82h-SJbqI2pHVCEqd7vSKGEYWM9JenVz_AiypjD9aSkYU47NHL48Nsm7Brg7fPvf45dk3EC_4APWKVufg1dhbptbQJ44YdOVl2axbaei3UQH7mKekKOhkUf1PzeKqxnsbvX934MDMAdwsb56Jg95XKw9_-GPRnN0yLUxYZ58eM6Mj9cPt4WxMyuAJkrqjrsbWfKqqgSlhb4JAnUAy-0XUymoCPRf_jq0BcNtv7vJyB7aJQAjitQ1bekOKil2n3rYyVnyzKLLVpdvzIrPjhbBdJvrDOdSjQPi8b8ivtVMDl0GtwuYW0xPB-U9UCloyYCcrWXfsy907vetjC-fdNJ_bK4P-cB6dyObjeYVm7nD9YetqFYPGmYb7kELjtrH_XKUlrMEQ6mFCX97URfdOlusdz9QBB3aUEWe0B0m4AzybHVbLR0xfV8fV_Pa8yNJeAOoglbUun-dVRsdNHXDx1YVyTHAkKcj6O5Q8tnuDj9Tq5gaJ5TY2xDXpLcDmrKtayFqHJ-QJrr9TKOVaS58y9MeRfKH24EJE2Ll7vHjWPjrqKZ1HLxff21iemMh5F4Ff2y-4m5qyUoYKiSUeop8I1n_jye39D7xORFTL49mBpyGEA__x9CSIahviWHm-Oak0bZcmv_cUrx4-z-6paz7iVrETBZeCKI_EHqrqEAMbGeopZ2QHFqnNCXmIUHQmkdvOZJfQfziUUmsbeQ1CLGeSgD6UJP5K8kYP2RvX3U1erHS7P0Nen6AJjFCxVze5x4AUxsyne0zZkFGX9tMZR1uDbbJBmtjoLdORDzfz1Mm7iSeNPms2UxBPYBpuP-XuXrunKCNWQYr_8S6pF_-Q85LMAek7Z-NQDcudqzj00UE_qigOrDQ8LjBdYj79A71XFWw9q9Y85tvLRpKx-cAJpg5RD2UGgR3MWja8TkVe7whIENRBz7pDUa0s1Y-TqdW-gEz1vAbX-EG9ziEI-O3Mh5RuYknSjZa5MAjJy1y8_bgm5jxmGwoaCbKnNZFCj-d6iPpJylKFuufvShGQGImmAO_8CSBWy4vbIkEs71A3B70cLeVJVUTc8i5UPPWQsycZkDf7xttgr254RmuB_wKGHYTIrI9Z0UBBge5YZ67fdbtsL0Xy5LK6jpKF8Ctf-QetcirvTnS__X2GfHNYkVjZkHFR4k7S79uyjS-rXFlFaPD4yy78jGfex5mXUa7PwGq2xbxgbqBHJMtHIween-8fKJc0fx84718Ms_X6tYfb-SYsVYSwS33YW-770Nj0Ksqq-kSvjtTHluFN2RweBryNo16-EK7TEbVAbPs-GJajMlkGcT7I12nXWZpcWMwoS8_-ioyjoXcrbiE6QV5OtjuIrvJ_A46nLrKeKzZfs9e1YTILRrJm50eL3jNZdxoQuLlNP_26oD3niqGUe2asqejuCkljtC_gpZcoHnvWH_omOrxbEgcfyrdwEDp-DX-59h4hZ61JvASUEXQYsVw_mejFU3WJz1oLxmz-ztTY8zGk-OqVb_bC67vgVnUEixA_X1G93N7BO9LXnUosoJnQaRIfnqCWbUEQIj7a7u13NIPZl-8lXUDFuTd7FSFMoJ6U5atwxAVN9vV0htyC4byGWM7UyZtLXIKnd6AzJN8KkjlzLQNFGdEyxxM039XleIrk_w53pzN5POF2&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=8472963844570602000&adk=2086295851&idt=656&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 01:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
36163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Jan 2023 01:05:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame DBC2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dd4bnkLRzBcXfjBFab0rcIJydlnB2ThMIU5r9CsYuyA3xY7FCz5ubcVBWiNgSka18yZr0sZR1q4hwwwg0N30nBQ8hQAvkEhWUSfwzzrx20NVaM63Xpr46HtZn741JZ6BfmT8rG3BM9bdrh7FDTd47sBmDCV67HwExVFrd0NWR1kiQVP98&dbm_d=AKAmf-DSQTb-I0DU0X2UuCOCzaZoEa93LtcvUKLsCEDVSwbHQiNoJiLDF7R_72i3cXC-gwc-2XEZaGxpAOF799TjVVLvQEc8PXGUHGguFj4LaLnWC6qAqgmhO2ua_EMoUs53EWvHl1PNN1XyN0znNI3ccL-IpV3Zg-JjXLdUElTk5G0ZpYxaLOeFrIHtvYu5VxNob16vF0B4oSs9Dc8DEGqXny68xKrhSKKmfJULYG2a43EUoxLGVFNt_oFpBPUwCbdG0C1_6PwbAFikK-jE9aS0dNc4sd0tmD5GKeSvoruxIqiIGy6EY91gvUCT91sKubC2nRA4MXkQzzS4XmHzFKgschgNBIZVCCVdeuSIKIvumr0BOj09ksdZzzVw1h_3sYcthbC7-y7axQofaiC7ZDv2ZAyVyNw06AWlpj39ZV9p6S-PVrZR_WQSQuer-n0l-dEKpzfCBQugtAjMl0K9ll3RnPQZIto4RVGGXXFDsw5puokuZRM5oOz3ucNe3rTpEm044s6gjt_aip46YcqM3zqUsfXbG86syvU9C2T0rJrFJ1oTZlptlswiDeslJlsjVay_xft_Mwk83c7Wf9CW1L6HAP-Q410rVJJ9Ho5kZ55nyFk-xcNwLtHfcv8suTIldiVtE_oM2IaastutZGOEoMg6yT-cjTeBewVknp7cF4PTKFg0_Ffz1ZZzBmWjXdrwCth7VUWq0mtnECzSOcuECzWQjX3vK9j24o360b_uBue-IJeSmaRCI6aJXoFTFs9LtE-p9HBVHWmHY6Nu97Cz7SV952b8IJO8twF34RFGaJ6CH52GYZtWGvpHxUb61U1WuLt6xXxr7-rfHyuoRwajmZGJxt9HALgdG2qHnYaRtiJyqnD6YRPeS82RCldZjk3L1dHuXO5tSIyxYZWk5GMRJQGEbSiO_D4uliVys7PbvyvNkFpL8HO4YQ_JXJFedxuZt-P6BJf3Tm63Q7ah3PDusMeZH3FGd67M6Oa7vkD-YkRMHjAH_KW1znzFCLpPhj1KYCvbkphxkq-Njg7J6tL7lC_JiIAdIcTxonhp1BdgkqfEXliNkIzai_aPBWtyj8WSFrBWCV4e20GFTZaNMLNPNknE8lFrF6VbWYjYMI39bQQftCI-gsPd63pTnD4OCYOsEh9CywUIVBOiVohNBHHUVN4H2LGqXN4mAYRYyh9Rv6Hc-zEqtpecniL_vPi_7vtsSyzd7RXAq85C8rn7EEKdpw986ve1iXpUfEZD_dj4DE9jM4a5P6IVObu1CVzSQmUeYra7fMcNH-CA0HBlkeN6YzpKsQeMif4qMp-tRox5M_MfHDq1S4JNg8zAVU0ipvuErk3gee2Q8tsolbzC7FHOtFRXXfg9goJa8_6Qg62NB4t9baNeroPS0m1tHvu7GpXUmMUtdQ0zw3uWgDVRmFKYTJ-hMbDpOcuYMtkoS4EfnBT_m2F5Lx_oAYTzUgeKh1yMbLZyknv8nlxB2ZF_qRCDFw4KFg_jfnoCz8XOTmhF1k7dLVXvUT0UjhbyjtGEQ6JZIURon0_bhPC3KHnwHcaWbxIM9kJNo9fuVDeLkpJPzOvp-mvHMoqI-YuM9BjkebIfJqVKF8S5vCrO7bVXkGswR8zjnSGpj3VRhKRW5T_0p0O6EHMmqqSohiARRatO3p74H4kaIeDAlKW82h-SJbqI2pHVCEqd7vSKGEYWM9JenVz_AiypjD9aSkYU47NHL48Nsm7Brg7fPvf45dk3EC_4APWKVufg1dhbptbQJ44YdOVl2axbaei3UQH7mKekKOhkUf1PzeKqxnsbvX934MDMAdwsb56Jg95XKw9_-GPRnN0yLUxYZ58eM6Mj9cPt4WxMyuAJkrqjrsbWfKqqgSlhb4JAnUAy-0XUymoCPRf_jq0BcNtv7vJyB7aJQAjitQ1bekOKil2n3rYyVnyzKLLVpdvzIrPjhbBdJvrDOdSjQPi8b8ivtVMDl0GtwuYW0xPB-U9UCloyYCcrWXfsy907vetjC-fdNJ_bK4P-cB6dyObjeYVm7nD9YetqFYPGmYb7kELjtrH_XKUlrMEQ6mFCX97URfdOlusdz9QBB3aUEWe0B0m4AzybHVbLR0xfV8fV_Pa8yNJeAOoglbUun-dVRsdNHXDx1YVyTHAkKcj6O5Q8tnuDj9Tq5gaJ5TY2xDXpLcDmrKtayFqHJ-QJrr9TKOVaS58y9MeRfKH24EJE2Ll7vHjWPjrqKZ1HLxff21iemMh5F4Ff2y-4m5qyUoYKiSUeop8I1n_jye39D7xORFTL49mBpyGEA__x9CSIahviWHm-Oak0bZcmv_cUrx4-z-6paz7iVrETBZeCKI_EHqrqEAMbGeopZ2QHFqnNCXmIUHQmkdvOZJfQfziUUmsbeQ1CLGeSgD6UJP5K8kYP2RvX3U1erHS7P0Nen6AJjFCxVze5x4AUxsyne0zZkFGX9tMZR1uDbbJBmtjoLdORDzfz1Mm7iSeNPms2UxBPYBpuP-XuXrunKCNWQYr_8S6pF_-Q85LMAek7Z-NQDcudqzj00UE_qigOrDQ8LjBdYj79A71XFWw9q9Y85tvLRpKx-cAJpg5RD2UGgR3MWja8TkVe7whIENRBz7pDUa0s1Y-TqdW-gEz1vAbX-EG9ziEI-O3Mh5RuYknSjZa5MAjJy1y8_bgm5jxmGwoaCbKnNZFCj-d6iPpJylKFuufvShGQGImmAO_8CSBWy4vbIkEs71A3B70cLeVJVUTc8i5UPPWQsycZkDf7xttgr254RmuB_wKGHYTIrI9Z0UBBge5YZ67fdbtsL0Xy5LK6jpKF8Ctf-QetcirvTnS__X2GfHNYkVjZkHFR4k7S79uyjS-rXFlFaPD4yy78jGfex5mXUa7PwGq2xbxgbqBHJMtHIween-8fKJc0fx84718Ms_X6tYfb-SYsVYSwS33YW-770Nj0Ksqq-kSvjtTHluFN2RweBryNo16-EK7TEbVAbPs-GJajMlkGcT7I12nXWZpcWMwoS8_-ioyjoXcrbiE6QV5OtjuIrvJ_A46nLrKeKzZfs9e1YTILRrJm50eL3jNZdxoQuLlNP_26oD3niqGUe2asqejuCkljtC_gpZcoHnvWH_omOrxbEgcfyrdwEDp-DX-59h4hZ61JvASUEXQYsVw_mejFU3WJz1oLxmz-ztTY8zGk-OqVb_bC67vgVnUEixA_X1G93N7BO9LXnUosoJnQaRIfnqCWbUEQIj7a7u13NIPZl-8lXUDFuTd7FSFMoJ6U5atwxAVN9vV0htyC4byGWM7UyZtLXIKnd6AzJN8KkjlzLQNFGdEyxxM039XleIrk_w53pzN5POF2&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=8472963844570602000&adk=2086295851&idt=656&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 00:34:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
38066
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Jan 2023 00:34:02 GMT
async_usersync
ib.adnxs.com/ Frame 8703 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:28 GMT
AN-X-Request-Uuid
a26705ba-b394-4acd-8595-b983a97dfd26
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
style.css
s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/ Frame A481 		1 KB
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
955740c284880a7a4875ab89b8ec6445290a54665057008832e5f55c9fa5bcd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
455
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A481 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:08:28 GMT
main.js
s0.2mdn.net/sadbundle/4909879444082661474/javascripts/ Frame A481 		2 KB
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/javascripts/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cf0fe1ec23eb952b5852bfe1559a64b3c77f3966ddffa4045e4baa3bcdb33d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
560
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
async_usersync
ib.adnxs.com/ Frame 2C17 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:28 GMT
AN-X-Request-Uuid
c1493cb7-6305-4642-9a42-a3e61c56e70f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 21C0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b5e558a2e998e35bfa4da7278959dca0a98f78f9a4e603dc1c1b8e5e2eb227

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77f11e780d52bbc5-FRA
content-encoding
br
content-type
text/html
date
Sun, 25 Dec 2022 11:08:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBU3rhv%2Fq6bk71HS1eFXRz32MtvDI3BUtnf6duVRVB9xETqYExT5KVBX0l1I61G6dJwvE32tx8TFF9dAULqGcrKmAvKma2jcbgzIPswmc5kb8PxJEwGR0u0alN3aTFeztFy1IXHCP9dgHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lgIE53xoNkNwTWQ0V2Q4Q3VJaEEyQzNLTmE0VjUySFlyNUhyaUttSlUyeUoxQ2QxVjBrQVQ4a01TS0V0RUYrQVE1akN5MEtMVmhGT3RjaTlIMlZKTVdOUDRYR2NFblUwR3ZGc1didG15U0hNQzM5TVF2akdrRmx0ay9RNEpKeEl2NExLT2s3WndaUGxtSUFwRjJhZGlBUDczcXFSYkdFcnFIRWYvc21DQk4xMy93NVpkZnhPUlI2dG01TXVld0dlN1BHM0ZTMzNnUnVnK1g2dG1WdVhZdWl2UlNTRlFJcW5uU2dweURrNVQ4TDdlOWNHRTQybytyZ1lCZ3hZSVY3UmdoaTFsfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 25 Dec 2022 11:08:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
243746
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
csi
csi.gstatic.com/ Frame F93C 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lc39osns&c=8728584674873&slotId=4364292337436.5&qqid=CPeKk87QlPwCFbmS_QcdqBEINg&fb=ima_html5-lima&sdkv=h.3.549.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=6&vhc=0&ghmsh_eids=44748969%2C44752711%2C44765701%2C44777647
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400b:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F93C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame F93C 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkqbbR_YE8FzErV_SbT2zT0yneaOLHkyV2KeC47auSAgL-fBpoTSt3zY5FkiLSCoQHcXtX4vtJewY1YvttYOGrU3wRchwt2LoRHBU0WgaXCTxu3q3IENw3jl6GrsLkTZak_ZQI6ONppfP08WVHLZXHAPqocFByInXtQrmAt5X-ZTk5JDe71HayqI9pOrQmcphXxY_izaliJCMKaqvgTngnQmmDP2zFjyvQG5ZLWFHkZBuVo_4ITYIRrC2LVkEWCadR04nrsxuHB-cEgvDZHT16YD3T2E5DYgp1_ERj1TFLcnGR3_Z-aeo2jxSzCtA1A839pobTJqYnEtURvqOIBKerZ-rvGzQ&sai=AMfl-YSm1uWe4nY5MGMTQSGQQpLa-LlFPvqXs_ETUO5Fia9hffQaJCh-7Ke0fHonf2xdHXaxENjwUV4rMNnn_e8vs3QtNfssrYnf3tZtnfxbbN_zebgVX4QuVuesvUn4sqBrYg&sig=Cg0ArKJSzCRjGG7hhbM1EAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.549.0&vci=CkgIARoER0RGUCADKgo2MTg1MTQ4ODk4MgwxMzg0MTczNTQ0OThAAFIgCJYFEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2078144377&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aEDAAEABEAAAACAAI~&jid=&gjid=&cid=777851744.1671966503&tid=UA-4780630-1&_gid=1769622307.1671966503&gtm=2wgbu0T728TH&cd1=777851744.1671966503&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=997382324
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 19:42:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 69E2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13803
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 07:18:25 GMT
expires
Mon, 25 Dec 2023 07:18:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 96FA 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
2574294
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
77f11e78ad1f90c4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame DD4D 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1df-32ec"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
sourcesanspro-700-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame DD4D 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e1-327c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 11:08:28 GMT
csi
csi.gstatic.com/ Frame FE53 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lc39orfu&c=8728584674873&slotId=4364292337436.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400b:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIAjEKy-oY7fJK7ml9u8PqKOgsAOs0smuRgAAABABILGBnBw4AViC7sTSgwRgleKQgqAHsgEPd3d3LndhbGxhLmNvLmlsugELNjM1eDM2MF94bWzIAQXaARhodHRwczovL3d3dy53YWxsYS5jby5pbC-YAsCvBakCmpdAKIglkz7AAgLgAgDqAiM0MzAxMDc4NS93YWxsYW5ld3MvbWFpbi9wcmVfZGVza3RvcPgCg9IekAOMBpgDyAaoAwHgBAHSBQYQ4sOnhReQBgGgBiOoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=os5L4CUoyN0&label=vmap_ad_break_start&sdkv=h.3.549.0&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 21C0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 21C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6gvKq9s-FAHyA6h3_qF0wAACF4AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECZ5QOcr4Glyk32cTeXfkM4&google_cver=1
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECZ5QOcr4Glyk32cTeXfkM4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqwQ0HRkMoI8lzzqhmPfzXZGBINU61vTQRDpKO2Y9uSBVZC3KUyViV2tMNbxPgbAwFoGEJxYk1RN8Elxmi16FxkNOqFYS9LUgf1y0pEWX7qIv0%2BEx3mHoNxP4hlslq5MaHLn9MAyyjJp3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77f11e7a4cd85c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECZ5QOcr4Glyk32cTeXfkM4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 21C0 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6gvKq9s-FAHyA6h3_qF0wAACF4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6HMFSYHJP4X45VMXVMM6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Y6gvKq9s-FAHyA6h3_qF0wAACF4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 21C0 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6gvKq9s-FAHyA6h3_qF0wAACF4AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:e8cf:44d0:158e:aa91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 21C0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=PPSe07Uv1P9oRL5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=PPSe07Uv1P9oRL5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:29 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-050264eaa58f9e669@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=PPSe07Uv1P9oRL5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 21C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9066383568577469336
43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9066383568577469336
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9O84SusTmyP%2BBjgIOLvPJxAYiw2fKbdj7JRMs0I3dt14qKdLqrrBGWiJrzdJG6FZFd6xC860lZ4OmNevGVhNRqqgUYaRyceaDMBSqEpCtXbUtlM6zLc3tKSnrj3T%2FA1m1gBJL9c5"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77f11e7c38559b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sun, 25 Dec 2022 11:08:29 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9faef8ec-ad6e-453f-8b9a-54bfa42ada8d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9066383568577469336
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 21C0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3506663725266119622
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3506663725266119622
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3506663725266119622
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 21C0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEkA07HUF4AACCOZ4vFlg&expiration=1673176109
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEkA07HUF4AACCOZ4vFlg&expiration=1673176109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEkA07HUF4AACCOZ4vFlg&expiration=1673176109
Date
Sun, 25 Dec 2022 11:08:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 21C0 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6gvKq9s.FAHyA6h3-qF0wAA%262142
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
45369
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77f11e7a4853bb71-FRA
content-length
43
expires
Mon, 26 Dec 2022 11:08:29 GMT
file.mp4
r1---sn-5hneknee.gvt1.com/videoplayback/id/360f920352d220c0/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1671988107/sparams/acao,ctier,e... Frame FE53
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/360f920352d220c0/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1671988107/sparams/ip,ipbits,...
  • https://r1---sn-5hneknee.gvt1.com/videoplayback/id/360f920352d220c0/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1671988107/sparams/acao...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-5hneknee.gvt1.com/videoplayback/id/360f920352d220c0/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1671988107/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/282AB07E3341ABB0830A1577F58D727B39EA6A57.5548A7C77B76872184FCFA5D6F3207B17BB7696B/key/cms1/cms_redirect/yes/mh/bW/mip/2a03:1b20:6:f011::2e/mm/28/mn/sn-5hneknee/ms/nvh/mt/1671965676/mv/u/mvi/1/pl/48/file/file.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
2a00:1450:400e:8::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
05bee3971ae2022eb6ead10ab837e39f076402b7c5fd5461bf0c19e30fb8d32c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol
quic
date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Dec 2022 08:57:17 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-1246728/1246729
cache-control
private, max-age=21298
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1246729
expires
Sun, 25 Dec 2022 11:08:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-5hneknee.gvt1.com/videoplayback/id/360f920352d220c0/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1671988107/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/282AB07E3341ABB0830A1577F58D727B39EA6A57.5548A7C77B76872184FCFA5D6F3207B17BB7696B/key/cms1/cms_redirect/yes/mh/bW/mip/2a03:1b20:6:f011::2e/mm/28/mn/sn-5hneknee/ms/nvh/mt/1671965676/mv/u/mvi/1/pl/48/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
696
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 004E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjUyMjcwY2QzZTEwYjA3NjkyODA4OTQ0NDJhZWRkMzllZWFiMTU1OA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjUyMjcwY2QzZTEwYjA3NjkyODA4OTQ0NDJhZWRkMzllZWFiMTU1OA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjUyMjcwY2QzZTEwYjA3NjkyODA4OTQ0NDJhZWRkMzllZWFiMTU1OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 004E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hIenkNS6SwK64kusDA3VPQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hIenkNS6SwK64kusDA3VPQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hIenkNS6SwK64kusDA3VPQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FBGXPT07N4N9Y5WY4HH0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hIenkNS6SwK64kusDA3VPQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 004E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/RV7OYHa7Cl_eOu_hFGIFPg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Yx17zwFE2oIra27oUlwavMFC8pspfZdjmfnGrw--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Yx17zwFE2oIra27oUlwavMFC8pspfZdjmfnGrw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 25 Dec 2022 11:08:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Yx17zwFE2oIra27oUlwavMFC8pspfZdjmfnGrw--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 004E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMzOU9SQzMtQS1LSldT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMzOU9SQzMtQS1LSldT
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMzOU9SQzMtQS1LSldT
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 004E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 004E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC39ORC3-A-KJWS
0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC39ORC3-A-KJWS
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:29 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2958050BB24F48C890DE17DB8428DA63 Ref B: FRAEDGE1722 Ref C: 2022-12-25T11:08:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwpQnjPxDQehE36fUcpQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC39ORC3-A-KJWS
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 004E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rGeO_Jv0SCmUcDG8SKBSwg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rGeO_Jv0SCmUcDG8SKBSwg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rGeO_Jv0SCmUcDG8SKBSwg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FDWZQA9S0DMP23Y6W083
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rGeO_Jv0SCmUcDG8SKBSwg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 004E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB93S8eW4zoha22SHNQb3jQ&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB93S8eW4zoha22SHNQb3jQ&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB93S8eW4zoha22SHNQb3jQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A386 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2eLiqo4HMgSwW_itck_6zH3fFwbWDIGDCMEGHGdrmAe7FkjoKPV_PqU2Z9BjaPt1Ey4s0bvLVRM1QCssT4V1pFEEUZEDJoFW9OAsyG4Vmlm-cnodH7pHx6a5CiY9YE0svqyV3aQ&sai=AMfl-YTp7P3bGaX0H1wlNryW7bRyInTOS9CRpy6JH8q0CTMtu_jQJzfYRkzd2e_YPQMKhOzPBjYzm2Dgva2a4Dp4STvo6VEhyuf69y9ybIzUv6V6m1Y8rXrqiHDRmizGaJOq_cYuCLVZWFDBQBi1lVs&sig=Cg0ArKJSzNFwuvyh_-VHEAE&cid=CAQSSwDq26N92ua9XRhq1n5tnMaRgCOaaLOYeME4U1QQbrWL98Fje6j4wScsAlyCs_hcz7yZwo1500691-ETxbVs2XhMZH95gwO6BSWw1RgBIBM&id=lidar2&mcvt=1059&p=20,315,270,1285&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339185&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671966504929&rpt=3148&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg.jpg
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b3d25736a9e22d91cae51e9a755fe36674bb65efae1fdac59c2ffb77cb700f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
x-content-type-options
nosniff
age
495851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57960
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
logo.png
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c332b30f5b4cb8a341863a69f75ff479a3627288e464ce4484c3ce235fb1039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
x-content-type-options
nosniff
age
495851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6998
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
layer.jpg
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/layer.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dfa844f58af2b8c6564ccb5a933edffd70ac5774082461c8167bc7b2f171b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
x-content-type-options
nosniff
age
495851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1808
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
push01a.png
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/push01a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e74f53479657f749946bf744b4b707f3dbdc77a65f44865a0bca802c6e5b3e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
x-content-type-options
nosniff
age
495851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3267
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
push01b.png
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/push01b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2af631673b5566da44672b219cc9a713a240f1f9b5d5531b9bf8328bbd249615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
x-content-type-options
nosniff
age
495851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5178
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
push02.png
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/push02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c823fad87a2b57f9e3f6d2045aa3a863a01f9f3e94b7d9d239d6d8fa145341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
x-content-type-options
nosniff
age
495851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2535
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
stoerer.png
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bee2541e0f7fcce4eccfededbd3c50539a0cd7c804a4bde48ac5d2af16adf6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
x-content-type-options
nosniff
age
495851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11714
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
stoerer2.png
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/stoerer2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8216bf05060b2b3dce018bdc5f889863980c1e1f972d86c25ecf465e0a3cd23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:24:18 GMT
x-content-type-options
nosniff
age
495851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4834
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:24:18 GMT
product.png
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/product.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2adeac914dcbad5d7fda309bd9c78a827fe2ef393d1dc6658deb088b25eeafd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 22:34:13 GMT
x-content-type-options
nosniff
age
131656
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25079
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Dec 2023 22:34:13 GMT
cta.png
s0.2mdn.net/sadbundle/4909879444082661474/images/ Frame A481 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4909879444082661474/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a6b9a72430727bba744a0f46c69beb56ec0055e519636d48b08273eb7ce026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4909879444082661474/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:46:00 GMT
x-content-type-options
nosniff
age
166949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2835
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 10:02:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Dec 2023 12:46:00 GMT
4.js
static.adsafeprotected.com/ Frame E7D8
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_Ky-oY4...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:214f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:54:37 GMT
x-amz-version-id
2Pg_7dCiVzLnRDq1elVhHSnZiqqlc8yQ
content-encoding
gzip
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
497632
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:35 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
4ZDDyKCMsj0lkDO9ilgcPUoUdigDosRzbWgdkrafsWDU0VmeOMKDeA==

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
server
nginx
x-server-name
app19.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1FA6 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
8191933
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
RFR-jsIfjuycjb8-METPQup176t2_jBA_M1013hiBHXYL0z2uVCW7w==
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIAjEKy-oY7fJK7ml9u8PqKOgsAOs0smuRgAAABABILGBnBw4AViC7sTSgwRgleKQgqAHsgEPd3d3LndhbGxhLmNvLmlsugELNjM1eDM2MF94bWzIAQXaARhodHRwczovL3d3dy53YWxsYS5jby5pbC-YAsCvBakCmpdAKIglkz7AAgLgAgDqAiM0MzAxMDc4NS93YWxsYW5ld3MvbWFpbi9wcmVfZGVza3RvcPgCg9IekAOMBpgDyAaoAwHgBAHSBQYQ4sOnhReQBgGgBiOoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=os5L4CUoyN0&label=admute&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2944,790,3274,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D4096%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D3114%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D955845494%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671966504433%26ptlt%3D1671966509265%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1671966508789&sdkv=h.3.549.0&vci=CkgIARoER0RGUCADKgo2MTg1MTQ4ODk4MgwxMzg0MTczNTQ0OThAAFIgCJYFEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 3F5E 		115 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:29 GMT
expires
Mon, 25 Dec 2023 11:08:29 GMT
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E3A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst868tjiYjv0FKM6LbralDwYMvOTc93OEbwQWb6PuxW9ULwPEU8kFEX2q6aFfS6mFC0-UBP_OYkJNGlbna_oOEnPshr4Cc7ya3UOq0I9_Xa7nlFxVSyuZyTXnjPibN_0ZUeG4BiSqAl-CJ64utUclDtNVVHCJX1-dJbmZn-VaC3-j01YkGVVflzy8xvzwEooXE5TK8_MPoQp1AP-RxW8RxhC8xy3CagavMTjcDQ4AsKpgXk6kPV-i443kR28RquoVvVuntrioOzmocfKmoGMmrGhISfcVAHPAjvVUDtFf7M2cTR5J8IqyWeboB69c7d4fQ3gNVDDN4Aw1mhXhMI6wIt5J7Gd_IbZvgl8YFJJZOk6dq8DxwL97l6jiFCIa1r__y4Ms9j8bf9dvkzwj5ho3TUPRuhKFoYHgXfoHXcOnB0xRPgIaNcDaZLmL7jVLdm_kpX4vpO1JS2zCJjyEUR302vc2tLV4p6ByIL89bXDkJ8LB3Ch2rmzsPcC2N1kUMGTeapOoO0j2IxSY-vSfuCziE2VSgsZ5jqdXxXFgilGFuDuZQD7mhBdlamUp4XGAVVu1DHRsCy5GBaK20MdlZKOCghX82Y1MYsPep6GGACeh417uChJGgHN-Avhj9FsOZW4pl1JBBAYDyPCUfsbV8K1ISpF-RWQ5zFDu8-n1btX0ox9q-MCboMp-nJr5zVdT8kNGFj5hoURqGTHhAFgV1lAF0efW-W8lOCnbHVnWflYrLpWusA1Cmn6xNLNu7V_MW2MoJ2QYFKMoqvYOG997-G4F4z-WM8lkKglxL9C0-ntkoMU1K-whRAtlFBCk1zn8AFIPyKKK1IZPHCK-cxBRKQiZ3VSsj0W-VCUxHnuFUWlu4pECJ9ZxGFRtU_fCW6Zt0XMr1xPOOxpgCiSb7fouu6X8Sjmf3kW8ZadKFhBycWHaS-1zhLtsUmDn0bjRsySXxD13h8K25n112g3wuaxAQx561nvBlkeLdZdTejFNyZGQqXTVD8Hg-0Zh7i5cMT2ljwRt45ZjSlGbK20INZeSujNtVxPqZvJ9Xm1XGp92h9UxZrDE5TD0YHIp3FPrlJqd5xi2_0q2IzLMkwtF51UNW6TSMMwvM4p1rc5ZashLxnIBLq9dK_yI1557lU8pfp3ax3m1DxpQclJjG4JxG6ofjUdgapjePvkbFTetVdFjxQdNfvbJZTy0hRUYgruOs2uczXLFJtD_aubGL8TPwoPFSGDrVzyo6XG4WrwQP4t8kGdaN3AYlGhrsNPAQ&sai=AMfl-YQcYPX-tPmX57IZY7BZgXjt49izkyYLNkYmYXDABijCC2r5W_X8KH8RzrFQM1eW6PClxG-a88eg1nFzlY-a0sPs0Gz94xieXufGWjWxSMFZwtKjsHOdmBCAvs9C_vjf1B9hCexy2eN14F2FPjhuubdLounKbJe6k9NjF45CPRm6j_U_N8lOBJhW2_77DhteNnPlZZV1Cfe1Rq0mnSoxyjVYwwIb-mwT0BUYBmm71J-JyzMgRHHTh1gZpF27ixl3Z1gJl-wN4qHi7pqdulgGbOGpvop0J8r9qvZ-Gyj0xw&sig=Cg0ArKJSzC7SanCwDoEtEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=697&cbvp=1&cstd=684&cisv=r20221207.50173&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:29 GMT
index.html
s0.2mdn.net/sadbundle/10079595500193011461/ Frame 31FB 		138 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f69cda4d346d1361e182ca51dfc0be0b484b548a8afd33fc4939dc63ff671f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
349403
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22835
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 10:05:06 GMT
expires
Thu, 21 Dec 2023 10:05:06 GMT
last-modified
Tue, 29 Nov 2022 11:19:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E7D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPcfWFiHU8CVOT0B1zYtpfQDHt7bAQoKKiNGTRIN4N0ZFlwdciFSfOdESw4CmKQEsf_l2T5yep87X7BXGSNRBLeyBNj24rqjR8-tSCELnhqzqllPeB-xcE_wgOHMR5gQZg4Q8Si__D4gTCWj4Bjuth_45uFacYlRxLJNVFg0N_7pBI2lbzVlvoCElQNmujbORe0s2E_pdv651Xy6J_FroVX6W0qjHyXLhruqDzlfmdCWfnqqvckJpRjEHkg9qL0-98UOGr0BaHLxN4BPXURBRhnjdR0gqc7uLZTNFHoQnXcxrCqFuVTSEUeNMbpMFz3gwF5JSqyyDiGSK1WjSJfkjNIX9qX-vHShJ_V_MqNI3YPvGqRIfp8JZDxbtKawx1zEOCnQpX2zSQXUI0ABMVNdHHL083v-YLzHUwNOp-PSJ9wiMctg0ryEoeMLyqtRKBYQRW81HarqXgyrJidUq4h-fGzW8R9hyTQz3Kbj3I6HtCl2ACYQ_y5FxhqNrG6XI0xZ09JOUh_E9teMJVnuT7AwNeqEqXM8UnqYIVBRF9HisoNpja4RQgJyz9md0-Tb6Re__BgkRfLLhVrhvW9HpNm2d6LE2fvrSxErntpvuHd0ocQE5-Qn4DBM6VpMtSy5Ph4J-aMbTd214mkLvieshATiG17YaCmCD24EhsR7jd_D6YnssUeZ5ylkK-s7NDOZBzhPnyDFPw576fW1E_c32UDXO0CTs-k_CSBXT-LgDiA6SzlZlzIHVUTy7eDUXTiloMh53lWLai_g9Y39gTgUigz6lcxgCuFGd-_0PdtAr4LRpKVn5g0gX5yqB5JC7gX3bi5vZk6rfjvEiD4VmBTDgCq7xh1x6lYsp-gm0ICcDtPIQcY0lfr2k1W4ws7lVE7mnipERWm6aw2D9BTcuaGiHHeRsgcbNpoPTE6UjTFrWRl29Ew6FImGieaPHBkiIg2GltVb3mWhqpbB3e6te4uOaS3ues-zqT4a17CokBAkf8ZfvsT60LEhzvY8rHrWqFE5BypHHU30swI60TXQDBBhUBWLO4LYrF5cD8NGi4L64_2Tj9n05oHbT063SIlg2wAvzPnnYefQ8uDRV4L-d5GeUsi24IwnVKBt91vWeoXMCXjCMx71nks1Tee6SLBIqww1o4K6E_T3Q0zTYztqOZoiRaIS0tFDrlMtLdQekVrE4FI_jmVC8Fd2kDhrNYVtDp-WYp1f5VG1PLt3uzZHQCRKN3qiWe1Qe3Yd0YKe2lAZQuwtZwfTFrXNJc0Gtr_ss&sai=AMfl-YT5ObgZG9fZLI8XAJaxZzdqAlKOg3iET-dsS7GIZwkiKYNKJx22YGR3Z638wIFGK8NUCgrCbJq2LzeZbtnPzIFaoO-B-A0-7rf7C5l9UDyhuRPQpRBEXfWNI7IOIX7VEGERUmYtcUsH8K1nnrDRCxLQJwF7l4fkvLKiln9x93WUmnNaaZ2WD7Yt8-g8lfJGyiToiVmkU3sAvCqfVwjtjBD9mILsucgIdEtGCG3wYMwcrqVXFPthtnGvfXsEx6volHPCTf4ry7oJ7h4jgQJHYJ9_GhqjPT-UOb740j6RgA&sig=Cg0ArKJSzM6K0Pvpza3ZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=719&cbvp=1&cstd=717&cisv=r20221207.27527&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:29 GMT
4.js
static.adsafeprotected.com/ Frame DBC2
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_Ky-oY8...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:214f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:54:37 GMT
x-amz-version-id
2Pg_7dCiVzLnRDq1elVhHSnZiqqlc8yQ
content-encoding
gzip
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
497632
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:35 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
tEeD1AtbxDBcLCCYMcrL-D-uX-IWtL3gQrnCICPx9PWI7XRBPDRdYA==

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame F339 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
8191933
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
r6mL_f-WG8VvQ0PET6t4xR1HSNS-YMq5Po1OEglwY4U4u8JWuyr99A==
index.html
s0.2mdn.net/sadbundle/10256918388168393334/ Frame 254A 		148 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
70119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23597
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 15:39:50 GMT
expires
Sun, 24 Dec 2023 15:39:50 GMT
last-modified
Wed, 09 Feb 2022 10:34:13 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DBC2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshjR7TNx4mClWiEqErp0e5fy-4opg5BaI5j0FJEkcudPKmWTUobEd07txNdL0Vw2RYcVX0B3g_YXiqBMZmde_c074DEVSPkGmRRLu_sElZ0CLhVOd7oc3_itGSaZd1t9FVY3cIYfQdMfG8c0tTM2N5w6TS-YjNZ9YeTYk6B_GCn0vXISXKpcMkf-K581tYPGZpOqtDxFjG8Iksgeb4OWQLHxNYVqSUkhyvtukMqTJvdrziHs3FCymxpO0DWKPjqFUblf2jl8K9yt2euVDeRUwIsh_5-61U787g_yDdK4R9Ck-kROCGTGe620iX2AjIPgd-YUL5bjd_NPRRk9zCsuJxo112O64wsuDIu05q--UpN-atpx6ZlCapU_bZXwZQd4WmcHh5gZhi_GD4h8MJaSoEz9YlIq9LAVknYMmKcwWByAhfFL3w4Mtl1LRKk6TRrJua7FpieGeURIh4UKg6-FU7EminTdKC2spEQsDkZuVYszyWD8XdIAK83TES76H_hNBhZvY4VHmqeCd04dH8Dz18IjiykkjyLrfa7hexpUjzUBwdvi3935_e-oW8RNrSNnCUy_KZH26VA5whwkdOC0tJI9IMnDa2QSrHOn8EdwhlGQcJFoGzELdeqaIiMtJC6R8FVhskMlXSoNo07cRpj8cbeUOlNuxRZLLMliprcP7jH11irxBTxSm73YeiUc5A_Yn6bg1Vtz5TbsXrBN2_l53m0mfsJhQHREY0cx3BHEd12X0SHVAxQrzQGqbmBOFXcGopTM2zy-X07lCvvs1Qd0u3aYTlxEw5eMaCG_j0GAWE0Sj_mhTVaiMgr6D8AELyOR7lxLXJtjkwMixMtMP5LNDc1PIlRHSjzqWwLs7zzMIEj_Pd118vpmRVIQInsQLPxBI-RmKA89dBlKvmF_lJAXChpQTyaXKSFhCFhOQR_80s-re_39EbK_FIdWPXEVp8nu6H4Km11je_L51FnwogcQIFp8Gj-JH_r5sXU6Jv8QRX3R_QeCTRVzPSVLsoYNECeiIjJGH3eDpqI6z0bz9DUOjzJR0PvFDayLlojPJ3jtd_Zexp-2pFS6CUNPUhjCINMOk4NECc0nsBTwyWkVh5F0qui8pyL9JSS5t7XtcEA-_XQOKT03IFeOhbQlqLNG70O45ijG3sFUnvezSDxx0StXoP-G5-G8-9K4GseXnM_Kt0jvWbcKuZ2QQvmbdjshQ1R6NoJdJCoYa5MpxV-7VcUnCXs6QReX6ksHP1RwibXCaCrA&sai=AMfl-YTK5jy1b-rWjX_2fBZZ7MZ1RN0mSNZJ2fs1D2G50OM2s01F3rlbdTWNKsNzId4H-AwdQcr1jand2A6J_UJ3m108mGfHiOFBla7uSsPJgKxFYfP5rQIr2EigCTcFnTOH8rXNR8lRlH2TGlKp8-zdLXdjPriWKc3x5Re2da-Ku2Ddg2qQNpw9DVzYbOREp4AXRSF9I_IrY0OKAjhnfsEF6HQTp44wS4TWFX9oE92ugtgVKb6Vlh-xsFGEh_T-Kxqn7wYSgjI1-tQiB0QZjazhDpbxPF4S-fmpiQ6g1ac3bQ&sig=Cg0ArKJSzF4tImPiXyCfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=785&cbvp=1&cstd=782&cisv=r20221207.04218&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:29 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E7D8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:31:40 GMT
truncated
/ Frame E7D8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
730fdb98fe4649573d4739c34bded6043257a3e9deb6741e7cc33433e2380fd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E3A2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:31:40 GMT
truncated
/ Frame E3A2 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac5fa3e54bd386787b9cefa7e64c4511787aa0ddca8de9e014d66c33abc16769

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
unip
trc-events.taboola.com/1245572/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=5292&scd=9&ssd=1&est=1671966504220&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1671966509513&vi=1671966504190&ri=68358b65bef97a8d9352eb9a9232dd26&ref=null&cv=20221222-8-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DBC2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:31:40 GMT
truncated
/ Frame DBC2 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c310c209f5b5f37c2e2025dd681be2410552e7aa0aaf4a0558a3ffbb5aeffa6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c9dcf536-62e1-1ef3-d0f1-91ff9808f7e4&tv=%7Bc:xO0sqS,pingTime:-3,time:371,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:37%7D,%7Br:r,w:300,h:250,t:371%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:372,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B363~0%5D,as:%5B362~0.0,1~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C191%7C1a1%7C1b*.990511-61634100%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:39%7D&br=c
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c9dcf536-62e1-1ef3-d0f1-91ff9808f7e4&tv=%7Bc:xO0sqV,pingTime:-6,time:374,type:i,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:375,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B366~0%5D,as:%5B362~0.0,4~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C191%7C1a1%7C1b*.990511-61634100%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:39%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame A386 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYZuI1PEFtGkx1h01lVfDKAH5Jo3csb-ILFY1ARjeh0S1P8TGnkGvbNbrZ4iIf1gbkV2d-vMpfKv8Iv_XwcXFmTQWYHFe_oSNOGcX7_7t2aA_or-pECBx4oMgwgCOtaZ7NrJjQ0y-14ZSOPzgjS3qEnkbDN-YCbLxWytWjU0Mb3krBnLHzX1xbjZ9zaELqLqyJdOfB1-wmd_rQZD-4PJ1F6I8lzKntqreV1bmQG2Re0qNr5Oh1LOsIuFedX_e4__-80wnf5B9idOYTExou69zjweitkQKj1qLfwnzx3eWFCqx5GmPEaiK-iZDKatzQ9psCnth_hF438xn7BIs2-YAfo2uvKSzF0Pr-GtDL2BWXLfp7QsjfMLsP3pL7YSPJ_O5k5daYf5l7VcKDHD97QNJYZx6fmJ3TD6g54q1XaAZM6Uz9lw1Y_YgQfMtMDea6hH8mdZNSIeah237BGS-WzC_C_t0n9OwuxHbWLUWqHX7xqp48dZzhW2UE2Zlb1zbb-tBIIDxpUHGYd93EKSAz_jyQ_O24eHhhB7vFNuKAhjWw0Mbqnymx3E2wlFx-82boT4rgXOWu5pZI2N86wyoLWSouUCZlm7gbR40W9Mkeyp2iKRv3mC7mVakoYpoJphmVz0lEQ6vaWT0dOZtNAzejbI_eH72aB7-zjnilND0vbgmO6AZEgfqQCTwafUjnGeqPReFzYoHH1uNUMfqERbZK2yijclEl-p_HTuSLKTTIuWPqcKwtJJ9oa7WsYKY4e-HDn9l1BzodzRWJz2U7Jyj04TuoJiqb55mCV-23sRXBYnjUrB5rqMwVI38sqBousC-eaXSdHqvo-x_G_kKhETynt5EWkhFAMB6yJ3JZcC1TLTwBxO4raoSPsgpd192rMieqvD1keh6Bcj49D1M53rKg9a7e4yjCWKUqf9NPnjHHr5opLaAxcGk_DMq474UG5-VDGjjwtf2368zecheqxDuaYoIYbu1Wp9hrwtXE4QCRY0Ki9rVfAJ50-vs_LkD1Kua1LLIIjJB1lRg8ALeckxQf8Es-AVveL-1tUhe1g75INepUOuq5tbh54HBSj-pELWiIok2mf5cF9ABC_-1JZ4OKPFDzZeFc1E2blrR7l9INL8aUHqzWrWszNtmK0_j_uO5OLGo3AK7knEm95d_iuXfAiDIQA0TpplNuZYZkHg-m4NujMRxFQsqrt3lVSDWHaYPLSTw&sai=AMfl-YRQv5Il0wwZjA-LBnxQ0YdvpKBDzP3gzFv2urLIXRQWPOZOI7mNOsAOsJz8hNXAbv05PLBbjLOPNH72nT3rnEH22n8uhcJ0pSy9RkxkrfWCDcZ2jxLvppeclzAltuj0ajXh78i4OdpzrTIi_M9Wk3cYPGi7UFKuqOsbR8t4Mywdro8Y9QPHP8xD2TXyiMHSGg-UMfplwUOmvkCrDx9PXy1RxutlfEofnlXFv2FeHYNJLgBVfflPL0BhPKy_mbkpWlao-FFPlnF90Ds0sIA1F1eTtAKBEE69cwfDGh0&sig=Cg0ArKJSzLHmb1ppYEqmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3114&vt=11&dtpt=1385&dett=3&cstd=1722&cisv=r20221207.31397&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:29 GMT
dt
dt.adsafeprotected.com/ Frame DBC2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e95000c2-d433-a679-4324-8f6dad2f834f&tv=%7Bc:xO0srr,pingTime:-3,time:276,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:53%7D,%7Br:r,w:160,h:600,t:275%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:276,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B261~0%5D,as:%5B260~0.0,1~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C19*.990511-61634098%7C191%7C1a1%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:19*,rmeas:1,rend:0,renddet:svg.us,siq:55%7D&br=c
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 31FB 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 20:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 20:09:35 GMT
dt
dt.adsafeprotected.com/ Frame DBC2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e95000c2-d433-a679-4324-8f6dad2f834f&tv=%7Bc:xO0srH,pingTime:-6,time:292,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:292,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B277~0%5D,as:%5B260~0.0,17~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C19*.990511-61634098%7C191%7C1a1%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:19*,rmeas:1,rend:0,renddet:svg.us,siq:55%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 3F5E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 15:59:13 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 69E2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:50:34 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 254A 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 20:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 20:09:35 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame D9D7 		0
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e7f0d2490c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:29 GMT
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c9dcf536-62e1-1ef3-d0f1-91ff9808f7e4&tv=%7Bc:xO0st2,pingTime:-2,time:505,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:3551,beZ:3553,mfA:3555,cmA:3558,inA:3558,inZ:3564,prA:3564,prZ:3581,si:3589,poA:3591,poZ:3621,cmZ:3621,mfZ:3621,loA:3925,loZ:3930,ltA:4056,ltZ:4056%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:37%7D,%7Br:r,w:300,h:250,t:371%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:505,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B496~0%5D,as:%5B362~0.0,134~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C19.990511-61634098%7C191%7C1a1%7C1b*.990511-61634100%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:39,sinceFw:465,readyFired:true%7D&br=c
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame DBC2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e95000c2-d433-a679-4324-8f6dad2f834f&tv=%7Bc:xO0sti,pingTime:-2,time:391,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:3699,beZ:3701,mfA:3708,cmA:3710,inA:3710,inZ:3723,prA:3723,prZ:3744,si:3753,poA:3754,poZ:3784,cmZ:3784,mfZ:3784,loA:3991,loZ:4003,ltA:4090,ltZ:4090%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:53%7D,%7Br:r,w:160,h:600,t:275%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:391,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B376~0%5D,as:%5B260~0.0,116~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C19*.990511-61634098%7C191%7C1a1%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:55,sinceFw:335,readyFired:true%7D&br=c
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
a450a680d12d18759dfdb06197d9f5f7
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame AF94
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
0
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e7fbe3090c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 25 Dec 2022 11:08:29 GMT
Expires
Sun, 25 Dec 2022 11:08:29 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a450a680d12d18759dfdb06197d9f5f7?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1671966509846099-393
async_usersync
ib.adnxs.com/ Frame 8703 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:29 GMT
AN-X-Request-Uuid
1f5df218-d011-46ea-b09c-8f96202a70b8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=89dfdda9bf5782efd8322636b4eceade_1769_1671966508138&tm=6920&eT=0&widgetWidth=863&widgetHeight=283&widgetX=537&widgetY=12507&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1965&oo=true&lo=2595&odbreq=8226&odbres=9757&mvreq=9776&mvres=11741&re=11744&cet=4g&cs=5&to=1671966498001&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:29 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
a8960e3be2a3639052134d4b866c1821
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=63f6870f7ad500d2a60b016caf858490_1769_1671966508387&tm=6938&eT=0&widgetWidth=863&widgetHeight=401&widgetX=537&widgetY=12814&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1965&oo=true&lo=2595&odbreq=8226&odbres=9757&mvreq=9776&mvres=11741&re=11763&cet=4g&cs=5&to=1671966498001&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:29 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
bb79eabb9e9afbcd98f34e74534c8c8b
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=e57473b92c8a2a064f2c4330cc3d46b4_1769_1671966508612&tm=6940&eT=0&widgetWidth=863&widgetHeight=359&widgetX=537&widgetY=13239&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1965&oo=true&lo=2595&odbreq=8226&odbres=9757&mvreq=9776&mvres=11741&re=11765&cet=4g&cs=5&to=1671966498001&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:29 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
f73bc0f1006a01563c49316a80a4bf74
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=93e00512a984273b8218ccb3db233700_1769_1671966508907&tm=6942&eT=0&widgetWidth=863&widgetHeight=359&widgetX=537&widgetY=13622&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1965&oo=true&lo=2595&odbreq=8226&odbres=9757&mvreq=9776&mvres=11741&re=11767&cet=4g&cs=5&to=1671966498001&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:29 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
d69b47e5d2b6942f173a0d5548d0168c
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=5b498b96f8ccf2f0f359217b9243b77b_1769_1671966509118&tm=6943&eT=0&widgetWidth=863&widgetHeight=632&widgetX=537&widgetY=14005&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1965&oo=true&lo=2595&odbreq=8226&odbres=9757&mvreq=9776&mvres=11741&re=11768&cet=4g&cs=5&to=1671966498001&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 11:08:30 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
6706088bbd52d75c6d7b67153a3f2c12
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
mv.outbrain.com/Multivac/api/ 		85 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=20109&apv=true&sig=tLfmqD0S&format=html&rand=88044&em=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=M2QwM2MzZTkwNzQ4MzlkM2Y0MzZiMGFkYjJmZGVlNGQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=4&lastIdx=10&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/20109/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0023271b534ec2b51cfe7db4da8a121440ed62735da06af94bc275150df99925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 25 Dec 2022 11:08:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671966510.785693,VS0,VE1153
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21933-LGA, cache-vie6383-VIE
x-traceid
ee1da5059fc710571ff020671e3d104f
accept-ranges
bytes
content-length
21021
expires
Thu, 01 Jan 1970 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2C17 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 11:08:29 GMT
AN-X-Request-Uuid
f1d9c337-038e-4742-84d2-8f2803b9a3bd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/universal/ Frame 114E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.104.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-104-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 25 Dec 2022 11:08:29 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3911 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 07:18:25 GMT
expires
Mon, 25 Dec 2023 07:18:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
smw888.gif
us.ck-ie.com/ Frame 4EDF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 25 Dec 2022 11:08:29 GMT
Server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 68D0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 07:18:25 GMT
expires
Mon, 25 Dec 2023 07:18:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
ib.adnxs.com/prebid/ Frame 87F8
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
e64a50c1-b39a-473f-a709-66dd13ffd8e9
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 25 Dec 2022 11:08:30 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e7f3d6a90c4-FRA
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:29 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8e90f34ec120a3edc7c6096ccb3c80a9
server
cloudflare
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F33A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 07:18:25 GMT
expires
Mon, 25 Dec 2023 07:18:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 3F5E 		363 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
265
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Dec 2023 17:59:35 GMT
kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 3F5E 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 05:41:21 GMT
x-content-type-options
nosniff
age
365228
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23072
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 05:41:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E7D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPcfWFiHU8CVOT0B1zYtpfQDHt7bAQoKKiNGTRIN4N0ZFlwdciFSfOdESw4CmKQEsf_l2T5yep87X7BXGSNRBLeyBNj24rqjR8-tSCELnhqzqllPeB-xcE_wgOHMR5gQZg4Q8Si__D4gTCWj4Bjuth_45uFacYlRxLJNVFg0N_7pBI2lbzVlvoCElQNmujbORe0s2E_pdv651Xy6J_FroVX6W0qjHyXLhruqDzlfmdCWfnqqvckJpRjEHkg9qL0-98UOGr0BaHLxN4BPXURBRhnjdR0gqc7uLZTNFHoQnXcxrCqFuVTSEUeNMbpMFz3gwF5JSqyyDiGSK1WjSJfkjNIX9qX-vHShJ_V_MqNI3YPvGqRIfp8JZDxbtKawx1zEOCnQpX2zSQXUI0ABMVNdHHL083v-YLzHUwNOp-PSJ9wiMctg0ryEoeMLyqtRKBYQRW81HarqXgyrJidUq4h-fGzW8R9hyTQz3Kbj3I6HtCl2ACYQ_y5FxhqNrG6XI0xZ09JOUh_E9teMJVnuT7AwNeqEqXM8UnqYIVBRF9HisoNpja4RQgJyz9md0-Tb6Re__BgkRfLLhVrhvW9HpNm2d6LE2fvrSxErntpvuHd0ocQE5-Qn4DBM6VpMtSy5Ph4J-aMbTd214mkLvieshATiG17YaCmCD24EhsR7jd_D6YnssUeZ5ylkK-s7NDOZBzhPnyDFPw576fW1E_c32UDXO0CTs-k_CSBXT-LgDiA6SzlZlzIHVUTy7eDUXTiloMh53lWLai_g9Y39gTgUigz6lcxgCuFGd-_0PdtAr4LRpKVn5g0gX5yqB5JC7gX3bi5vZk6rfjvEiD4VmBTDgCq7xh1x6lYsp-gm0ICcDtPIQcY0lfr2k1W4ws7lVE7mnipERWm6aw2D9BTcuaGiHHeRsgcbNpoPTE6UjTFrWRl29Ew6FImGieaPHBkiIg2GltVb3mWhqpbB3e6te4uOaS3ues-zqT4a17CokBAkf8ZfvsT60LEhzvY8rHrWqFE5BypHHU30swI60TXQDBBhUBWLO4LYrF5cD8NGi4L64_2Tj9n05oHbT063SIlg2wAvzPnnYefQ8uDRV4L-d5GeUsi24IwnVKBt91vWeoXMCXjCMx71nks1Tee6SLBIqww1o4K6E_T3Q0zTYztqOZoiRaIS0tFDrlMtLdQekVrE4FI_jmVC8Fd2kDhrNYVtDp-WYp1f5VG1PLt3uzZHQCRKN3qiWe1Qe3Yd0YKe2lAZQuwtZwfTFrXNJc0Gtr_ss&sai=AMfl-YT5ObgZG9fZLI8XAJaxZzdqAlKOg3iET-dsS7GIZwkiKYNKJx22YGR3Z638wIFGK8NUCgrCbJq2LzeZbtnPzIFaoO-B-A0-7rf7C5l9UDyhuRPQpRBEXfWNI7IOIX7VEGERUmYtcUsH8K1nnrDRCxLQJwF7l4fkvLKiln9x93WUmnNaaZ2WD7Yt8-g8lfJGyiToiVmkU3sAvCqfVwjtjBD9mILsucgIdEtGCG3wYMwcrqVXFPthtnGvfXsEx6volHPCTf4ry7oJ7h4jgQJHYJ9_GhqjPT-UOb740j6RgA&sig=Cg0ArKJSzM6K0Pvpza3ZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1313&vt=11&dtpt=594&dett=3&cstd=717&cisv=r20221207.27527&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:29 GMT
connectmyusers.php
cdn.connectad.io/ Frame 2C65 		1 KB
834 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77f11e7f993d5c80-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:30 GMT
server
cloudflare
getuid
sync.smartadserver.com/ Frame 0AB3
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 25 Dec 2022 11:08:29 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Sun, 25 Dec 2022 11:08:29 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3F5E 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9645de6c362ec855f81b3a93644c026ed2b5573f8ba05ba1c7606117fc676823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5758
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E3A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst868tjiYjv0FKM6LbralDwYMvOTc93OEbwQWb6PuxW9ULwPEU8kFEX2q6aFfS6mFC0-UBP_OYkJNGlbna_oOEnPshr4Cc7ya3UOq0I9_Xa7nlFxVSyuZyTXnjPibN_0ZUeG4BiSqAl-CJ64utUclDtNVVHCJX1-dJbmZn-VaC3-j01YkGVVflzy8xvzwEooXE5TK8_MPoQp1AP-RxW8RxhC8xy3CagavMTjcDQ4AsKpgXk6kPV-i443kR28RquoVvVuntrioOzmocfKmoGMmrGhISfcVAHPAjvVUDtFf7M2cTR5J8IqyWeboB69c7d4fQ3gNVDDN4Aw1mhXhMI6wIt5J7Gd_IbZvgl8YFJJZOk6dq8DxwL97l6jiFCIa1r__y4Ms9j8bf9dvkzwj5ho3TUPRuhKFoYHgXfoHXcOnB0xRPgIaNcDaZLmL7jVLdm_kpX4vpO1JS2zCJjyEUR302vc2tLV4p6ByIL89bXDkJ8LB3Ch2rmzsPcC2N1kUMGTeapOoO0j2IxSY-vSfuCziE2VSgsZ5jqdXxXFgilGFuDuZQD7mhBdlamUp4XGAVVu1DHRsCy5GBaK20MdlZKOCghX82Y1MYsPep6GGACeh417uChJGgHN-Avhj9FsOZW4pl1JBBAYDyPCUfsbV8K1ISpF-RWQ5zFDu8-n1btX0ox9q-MCboMp-nJr5zVdT8kNGFj5hoURqGTHhAFgV1lAF0efW-W8lOCnbHVnWflYrLpWusA1Cmn6xNLNu7V_MW2MoJ2QYFKMoqvYOG997-G4F4z-WM8lkKglxL9C0-ntkoMU1K-whRAtlFBCk1zn8AFIPyKKK1IZPHCK-cxBRKQiZ3VSsj0W-VCUxHnuFUWlu4pECJ9ZxGFRtU_fCW6Zt0XMr1xPOOxpgCiSb7fouu6X8Sjmf3kW8ZadKFhBycWHaS-1zhLtsUmDn0bjRsySXxD13h8K25n112g3wuaxAQx561nvBlkeLdZdTejFNyZGQqXTVD8Hg-0Zh7i5cMT2ljwRt45ZjSlGbK20INZeSujNtVxPqZvJ9Xm1XGp92h9UxZrDE5TD0YHIp3FPrlJqd5xi2_0q2IzLMkwtF51UNW6TSMMwvM4p1rc5ZashLxnIBLq9dK_yI1557lU8pfp3ax3m1DxpQclJjG4JxG6ofjUdgapjePvkbFTetVdFjxQdNfvbJZTy0hRUYgruOs2uczXLFJtD_aubGL8TPwoPFSGDrVzyo6XG4WrwQP4t8kGdaN3AYlGhrsNPAQ&sai=AMfl-YQcYPX-tPmX57IZY7BZgXjt49izkyYLNkYmYXDABijCC2r5W_X8KH8RzrFQM1eW6PClxG-a88eg1nFzlY-a0sPs0Gz94xieXufGWjWxSMFZwtKjsHOdmBCAvs9C_vjf1B9hCexy2eN14F2FPjhuubdLounKbJe6k9NjF45CPRm6j_U_N8lOBJhW2_77DhteNnPlZZV1Cfe1Rq0mnSoxyjVYwwIb-mwT0BUYBmm71J-JyzMgRHHTh1gZpF27ixl3Z1gJl-wN4qHi7pqdulgGbOGpvop0J8r9qvZ-Gyj0xw&sig=Cg0ArKJSzC7SanCwDoEtEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1398&vt=11&dtpt=701&dett=3&cstd=684&cisv=r20221207.50173&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:30 GMT
cta_deals.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 31FB 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/cta_deals.svg
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1864
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:12:35 GMT
flextarif.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 31FB 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/flextarif.svg
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1328
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:12:35 GMT
300x250_40_prozent.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 31FB 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/300x250_40_prozent.svg
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2911
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 09:31:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:12:36 GMT
300x250_head_2.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 31FB 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/300x250_head_2.svg
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1326
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 09:31:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:12:35 GMT
300x250_head_1.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 31FB 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/300x250_head_1.svg
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2030
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 09:31:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:12:35 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 31FB 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:09:23 GMT
300x250_kv_fb.jpg
s0.2mdn.net/creatives/assets/4691997/ Frame 31FB 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4691997/300x250_kv_fb.jpg
Requested by
Host: a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcfb8f7e492ecfc971cf8c903349eb9f5deaf66fe3ad2fabcb3fc95d38d32f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:57:36 GMT
x-content-type-options
nosniff
age
654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39677
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 07:04:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:12:36 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame ACAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
611afce88997db6fdd35eb213e662871
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7DD3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=67580
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 25 Dec 2022 11:08:30 GMT
expires
Mon, 26 Dec 2022 05:54:50 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Y6gvKq9s.FAHyA6h3-qF0wAA%262142
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 3C76
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y6gvKq9s.FAHyA6h3-qF0wAA%262142
0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y6gvKq9s.FAHyA6h3-qF0wAA%262142
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e80efe090c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77f11e80a9805c8c-FRA
content-length
0
date
Sun, 25 Dec 2022 11:08:30 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y6gvKq9s.FAHyA6h3-qF0wAA%262142
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q5PwjOsSXzfDwuq4xJBlui7VhInWVQ1nJDV7fcw3OKKVA8UTPDtZzd%2Ft3UVU1wxKx2q6qIu943HCWIR%2BZrd66Lsp3UY2LkAxUukz40zYhwoNWuoCj97RPE0m7OAkNWBqfYyRARLo7hFiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3F5E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 11:08:30 GMT
74f8ac9a-8444-11ed-a708-1d0a0d900506
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 0BB5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/74f8ac9a-8444-11ed-a708-1d0a0d900506
0
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/74f8ac9a-8444-11ed-a708-1d0a0d900506
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e81285090c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Sun, 25 Dec 2022 11:08:30 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/74f8ac9a-8444-11ed-a708-1d0a0d900506
Server
nginx
X-fe
41
view
googleads4.g.doubleclick.net/pcs/ Frame DBC2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshjR7TNx4mClWiEqErp0e5fy-4opg5BaI5j0FJEkcudPKmWTUobEd07txNdL0Vw2RYcVX0B3g_YXiqBMZmde_c074DEVSPkGmRRLu_sElZ0CLhVOd7oc3_itGSaZd1t9FVY3cIYfQdMfG8c0tTM2N5w6TS-YjNZ9YeTYk6B_GCn0vXISXKpcMkf-K581tYPGZpOqtDxFjG8Iksgeb4OWQLHxNYVqSUkhyvtukMqTJvdrziHs3FCymxpO0DWKPjqFUblf2jl8K9yt2euVDeRUwIsh_5-61U787g_yDdK4R9Ck-kROCGTGe620iX2AjIPgd-YUL5bjd_NPRRk9zCsuJxo112O64wsuDIu05q--UpN-atpx6ZlCapU_bZXwZQd4WmcHh5gZhi_GD4h8MJaSoEz9YlIq9LAVknYMmKcwWByAhfFL3w4Mtl1LRKk6TRrJua7FpieGeURIh4UKg6-FU7EminTdKC2spEQsDkZuVYszyWD8XdIAK83TES76H_hNBhZvY4VHmqeCd04dH8Dz18IjiykkjyLrfa7hexpUjzUBwdvi3935_e-oW8RNrSNnCUy_KZH26VA5whwkdOC0tJI9IMnDa2QSrHOn8EdwhlGQcJFoGzELdeqaIiMtJC6R8FVhskMlXSoNo07cRpj8cbeUOlNuxRZLLMliprcP7jH11irxBTxSm73YeiUc5A_Yn6bg1Vtz5TbsXrBN2_l53m0mfsJhQHREY0cx3BHEd12X0SHVAxQrzQGqbmBOFXcGopTM2zy-X07lCvvs1Qd0u3aYTlxEw5eMaCG_j0GAWE0Sj_mhTVaiMgr6D8AELyOR7lxLXJtjkwMixMtMP5LNDc1PIlRHSjzqWwLs7zzMIEj_Pd118vpmRVIQInsQLPxBI-RmKA89dBlKvmF_lJAXChpQTyaXKSFhCFhOQR_80s-re_39EbK_FIdWPXEVp8nu6H4Km11je_L51FnwogcQIFp8Gj-JH_r5sXU6Jv8QRX3R_QeCTRVzPSVLsoYNECeiIjJGH3eDpqI6z0bz9DUOjzJR0PvFDayLlojPJ3jtd_Zexp-2pFS6CUNPUhjCINMOk4NECc0nsBTwyWkVh5F0qui8pyL9JSS5t7XtcEA-_XQOKT03IFeOhbQlqLNG70O45ijG3sFUnvezSDxx0StXoP-G5-G8-9K4GseXnM_Kt0jvWbcKuZ2QQvmbdjshQ1R6NoJdJCoYa5MpxV-7VcUnCXs6QReX6ksHP1RwibXCaCrA&sai=AMfl-YTK5jy1b-rWjX_2fBZZ7MZ1RN0mSNZJ2fs1D2G50OM2s01F3rlbdTWNKsNzId4H-AwdQcr1jand2A6J_UJ3m108mGfHiOFBla7uSsPJgKxFYfP5rQIr2EigCTcFnTOH8rXNR8lRlH2TGlKp8-zdLXdjPriWKc3x5Re2da-Ku2Ddg2qQNpw9DVzYbOREp4AXRSF9I_IrY0OKAjhnfsEF6HQTp44wS4TWFX9oE92ugtgVKb6Vlh-xsFGEh_T-Kxqn7wYSgjI1-tQiB0QZjazhDpbxPF4S-fmpiQ6g1ac3bQ&sig=Cg0ArKJSzF4tImPiXyCfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1639&vt=11&dtpt=854&dett=3&cstd=782&cisv=r20221207.04218&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Dec 2022 11:08:30 GMT
1
sync-eu.connectad.io/syncer/ Frame 6D03 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
77f11e81ed455c80-FRA
date
Sun, 25 Dec 2022 11:08:30 GMT
server
cloudflare
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 3911 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:50:34 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 68D0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:50:34 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame F33A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:50:34 GMT
motif.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 3F5E 		451 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/motif.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499936
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 16:16:14 GMT
logo_kia.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 3F5E 		1 KB
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/logo_kia.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
674
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Dec 2023 17:59:35 GMT
23717839_20220615053739201_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 3F5E 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615053739201_bg_01.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78738761a05024dac63f846374f6276e4998655016f495ae8c1f50993862d9c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:21:14 GMT
x-content-type-options
nosniff
age
2836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25080
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 12:37:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Dec 2022 10:21:14 GMT
23717839_20220615053742188_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 3F5E 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615053742188_bg_02.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fba73d15cca96429f4746a270426aeb33a66499f24dfd2ccdf2183c59ec81a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:21:14 GMT
x-content-type-options
nosniff
age
2836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31148
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 12:37:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Dec 2022 10:21:14 GMT
23717839_20220615053745124_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 3F5E 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615053745124_bg_03.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e979abecd1399db67fd82347fd7f876e3a6c4e08a64970ca3a272b92056546c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:21:15 GMT
x-content-type-options
nosniff
age
2835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21012
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 12:37:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Dec 2022 10:21:15 GMT
23717839_20220615082146525_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 3F5E 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615082146525_bg_04.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe0be6fbbce024eeee81ede02e4094213d7cc8655518f18d10f346289d1cca2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=QSembUb2mc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 05:56:25 GMT
x-content-type-options
nosniff
age
18725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23394
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 15:21:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Dec 2022 05:56:25 GMT
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c9dcf536-62e1-1ef3-d0f1-91ff9808f7e4&tv=%7Bc:xO0sGg,pingTime:-10,time:1325,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671966510508%7C%7C4ef563286754ddcb4b79c6ccfbb676c0%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C71b4018d16ff1830843e8788efa7461e%7C%7Cfbd81966dce1bc061151d4914a04594d%7C%7Cac2c6d8baa0c985b09a9fa4f9aa0c1bc%7C%7C10b63fbc0e81b5d277e59bc4a94f9dd0%7C%7C156bba78ad1c45b3fe722a8d09a9f101%7C%7C1663701684,im:%7Bpci:%7Btdr:688%7D%7D%7D
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 254A 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:09:23 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 254A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:08:54 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 254A 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:08:54 GMT
head2_5line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 254A 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_5line_paare.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3331
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 13:00:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:23:30 GMT
head1_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 254A 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_2line_paare.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1686
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 13:00:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:23:31 GMT
160x600_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 254A 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/160x600_kv_paar.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37561
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 08:15:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 11:23:30 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame EE8D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:50:34 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIAjEKy-oY7fJK7ml9u8PqKOgsAOs0smuRgAAABABILGBnBw4AViC7sTSgwRgleKQgqAHsgEPd3d3LndhbGxhLmNvLmlsugELNjM1eDM2MF94bWzIAQXaARhodHRwczovL3d3dy53YWxsYS5jby5pbC-YAsCvBakCmpdAKIglkz7AAgLgAgDqAiM0MzAxMDc4NS93YWxsYW5ld3MvbWFpbi9wcmVfZGVza3RvcPgCg9IekAOMBpgDyAaoAwHgBAHSBQYQ4sOnhReQBgGgBiOoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=os5L4CUoyN0&label=video_ad_loaded&sdkv=h.3.549.0&vci=CkgIARoER0RGUCADKgo2MTg1MTQ4ODk4MgwxMzg0MTczNTQ0OThAAFIgCJYFEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 18EC 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.eu.criteo.net/ Frame DD4D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=R-aKnUBEE-4gg2Iyh8exjU9UvsP-XerQCQVfkldHEF-bQTAJYcHWGr-6D1HWiiZaX8ALUEukvAyCD7-ma-I3yil13BNHapqwUYhfEWDs3EHIJY33JTWa3HTodrESTJTsnwES9RnDSYXjKaCUOdY1IVQ5IjAF9fXqLd1Rllu1nRhhWIvFtW-m2Mszx08RJ3PRCywhgOrz7L321UFGbJAO02YFERWD12w9xlrJmpMKbZgamkw8Den_vPH1i4XDlmTTMq7mFQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 25 Dec 2022 11:08:29 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame F93C 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJqVCYRIxmzn6_LHQnqkGS16tyUKzXDWmDxD-cHklx1PkcNKIZYHNmfN3yWXibafMvdEN01Io8_918cp32LNVYesgtyddf-3QHxXnpP16KfQW7ZeErTUofBzdcm4BrSBda4doAc56Tblvvh8FUMsLBBx_gAYbtWTenMcIxFtgGJ84K3aaLl6mgQeLAOHqmURKbamoz-xp4TIu7m4Ku28tu9IjxBJ0IbYCHiDx07EFeJ0fYHk4iEv6H_jN22YQZg86d0iBQ7_1fKec2vQaSP5SSagDgOHC88vP_MoUiVkUYorYpcKHoFWW3x3x-0jmod88UmyXVRrCmd8-9eVOQqjthfw36&sai=AMfl-YQhdOqN_eRU2C7Rs8mw3A4ujGUwo87R-q0JW2QYFiSiBuCVN-riStWGPQj-UI657liMrDZfXokdQwhxam3LMqr21pVPtSxtwPKMSh_9aPOnERYT65sIHhhnai1ahjtPRg&sig=Cg0ArKJSzPA0OwwF5YcYEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.549.0&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIAjEKy-oY7fJK7ml9u8PqKOgsAOs0smuRgAAABABILGBnBw4AViC7sTSgwRgleKQgqAHsgEPd3d3LndhbGxhLmNvLmlsugELNjM1eDM2MF94bWzIAQXaARhodHRwczovL3d3dy53YWxsYS5jby5pbC-YAsCvBakCmpdAKIglkz7AAgLgAgDqAiM0MzAxMDc4NS93YWxsYW5ld3MvbWFpbi9wcmVfZGVza3RvcPgCg9IekAOMBpgDyAaoAwHgBAHSBQYQ4sOnhReQBgGgBiOoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=os5L4CUoyN0&label=vast_creativeview&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D2944,790,3274,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D18%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D3114%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D955845494%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671966504433%26ptlt%3D1671966510617%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1671966508789&sdkv=h.3.549.0&vci=CksIARoER0RGUCADKgo2MTg1MTQ4ODk4MgwxMzg0MTczNTQ0OThAAFIjCJYFEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duSIkOUAAYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIAjEKy-oY7fJK7ml9u8PqKOgsAOs0smuRgAAABABILGBnBw4AViC7sTSgwRgleKQgqAHsgEPd3d3LndhbGxhLmNvLmlsugELNjM1eDM2MF94bWzIAQXaARhodHRwczovL3d3dy53YWxsYS5jby5pbC-YAsCvBakCmpdAKIglkz7AAgLgAgDqAiM0MzAxMDc4NS93YWxsYW5ld3MvbWFpbi9wcmVfZGVza3RvcPgCg9IekAOMBpgDyAaoAwHgBAHSBQYQ4sOnhReQBgGgBiOoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=os5L4CUoyN0&label=videoclickedtoplay&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D2944,790,3274,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D18%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D3114%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D955845494%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671966504433%26ptlt%3D1671966510617%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1671966508789&sdkv=h.3.549.0&vci=CksIARoER0RGUCADKgo2MTg1MTQ4ODk4MgwxMzg0MTczNTQ0OThAAFIjCJYFEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duSIkOUAAYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk_mk-4RK28CpqlNlF-YdKvePwpB2U_jRI_YPov36lS6vy9PblfttIs3tgUOhHcKyP_AUHzg5V_vi4ZjSLXoaDJUNaTvatRHUMjfyc_de-zSLLSIrD&sig=Cg0ArKJSzIJRoxZJ_F1dEAE&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2944,790,3274,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D4114%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D3114%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D955845494%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671966504433%26ptlt%3D1671966510619%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671966508789&avm=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIAjEKy-oY7fJK7ml9u8PqKOgsAOs0smuRgAAABABILGBnBw4AViC7sTSgwRgleKQgqAHsgEPd3d3LndhbGxhLmNvLmlsugELNjM1eDM2MF94bWzIAQXaARhodHRwczovL3d3dy53YWxsYS5jby5pbC-YAsCvBakCmpdAKIglkz7AAgLgAgDqAiM0MzAxMDc4NS93YWxsYW5ld3MvbWFpbi9wcmVfZGVza3RvcPgCg9IekAOMBpgDyAaoAwHgBAHSBQYQ4sOnhReQBgGgBiOoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=os5L4CUoyN0&label=part2viewed&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2944,790,3274,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D3114%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D955845494%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671966504433%26ptlt%3D1671966510622%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671966508789&sdkv=h.3.549.0&vci=CksIARoER0RGUCADKgo2MTg1MTQ4ODk4MgwxMzg0MTczNTQ0OThAAFIjCJYFEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duSIkOUAAYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIAjEKy-oY7fJK7ml9u8PqKOgsAOs0smuRgAAABABILGBnBw4AViC7sTSgwRgleKQgqAHsgEPd3d3LndhbGxhLmNvLmlsugELNjM1eDM2MF94bWzIAQXaARhodHRwczovL3d3dy53YWxsYS5jby5pbC-YAsCvBakCmpdAKIglkz7AAgLgAgDqAiM0MzAxMDc4NS93YWxsYW5ld3MvbWFpbi9wcmVfZGVza3RvcPgCg9IekAOMBpgDyAaoAwHgBAHSBQYQ4sOnhReQBgGgBiOoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=os5L4CUoyN0&label=admute&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2944,790,3274,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D53%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D53%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D53%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D3114%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D955845494%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671966504433%26ptlt%3D1671966510640%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671966508789&sdkv=h.3.549.0&vci=CksIARoER0RGUCADKgo2MTg1MTQ4ODk4MgwxMzg0MTczNTQ0OThAAFIjCJYFEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duSIkOUAAYAQ..
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DBC2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5Rigx9g1NIT0K7eludm4eiRVzNy4Em5t_K-nGorFESc-NVcDiZQORcDNDVFlW76PHLELZjBIN1UTWEIYn6KTQOGwXt0PXGWjkUEoevf4c164tFQ2OVkLL5AfLnjh_1_nC6jsWhw&sai=AMfl-YR3f54Um_tS6ny6qCAxAXh7mfR_hLKvjp3tch_UtHpdSKDSvaaNBuZohu3TridQEyapgfR_71LRSdUp-bUHWRMgnxcd_Ri5KsSM13jp7o8oyXcMiHGjFBJROh2XgSc4hxGAJBe0kKzxVOtWToIO&sig=Cg0ArKJSzCDSnEgesJdJEAE&cid=CAQSTADq26N95NK2PfcnvfhgG8KvPO223qxnyPkuhPoUsyinnfE4oqrZZND9qDwHD4rH3X52OBD4aaiTr0Xeo97FwjDRF9FOY7Lv4NdbtgQYASAT&id=lidar2&mcvt=1081&p=451,1439,1051,1599&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671966505614&rpt=3925&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oebu0&_p=2078144377&cid=777851744.1671966503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&sid=1671966504&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L30GH6X3WK&gtm=2oebu0&_p=2078144377&cid=777851744.1671966503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&sid=1671966504&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame DBC2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e95000c2-d433-a679-4324-8f6dad2f834f&tv=%7Bc:xO0sNw,pingTime:0,time:1645,type:pf,im:%7Bpci:%7Btdr:906%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:53%7D,%7Br:r,w:160,h:600,t:275%7D,%7Bpiv:100,vs:i,r:,t:1642%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:3,o:1642,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1629~0,1~100%5D,as:%5B260~0.0,1370~160.600%5D%7D%7D,%7Bsl:i,t:1642,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1629~0,1~100%5D,as:%5B260~0.0,1370~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:781,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C19*.990511-61634098%7C191%7C1a1%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:55,sis:528%7D&br=c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2078144377&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aEDAAEABEAAAACAAI~&jid=&gjid=&cid=777851744.1671966503&tid=UA-4780630-1&_gid=1769622307.1671966503&gtm=2wgbu0T728TH&cd1=777851744.1671966503&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=590230958
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 19:42:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55543
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame DBC2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e95000c2-d433-a679-4324-8f6dad2f834f&tv=%7Bc:xO0sR3,pingTime:-10,time:1864,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671966510508%7C%7C4ef563286754ddcb4b79c6ccfbb676c0%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C71b4018d16ff1830843e8788efa7461e%7C%7Cfbd81966dce1bc061151d4914a04594d%7C%7Cac2c6d8baa0c985b09a9fa4f9aa0c1bc%7C%7C10b63fbc0e81b5d277e59bc4a94f9dd0%7C%7C156bba78ad1c45b3fe722a8d09a9f101%7C%7C1663701684,sca:%7Bspg:c9dcf536-62e1-1ef3-d0f1-91ff9808f7e4%7D%7D
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69E2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVoONKS-oY8e6O6eCx_AP7tKdmAUAAAAAOAHgBAI&bg=!aGulay_NAAYgquz3AKo7ACkAdvg8Wl1c4zWDV0ODzK2kupBOp8d-uFYewWCOc_0m3zsU_xTTojY1UAIAAASQUgAAAAVoAQeZAxh2RBIdYX94_mWsUFdrZLv1Aii8JL9AZ34YNUUd3msJW4D_lYniEjTIwtsQxia6dblKyiYWgYMOWj_LmTvF8NQ2m_z9ebGwulsOD3fXj5aQzuTBENxJdDJAPqWx7MXfzMapqnAmhNt-TpHtEHZ0QlcPLrZ8kCDhvNFYfIU_JvDcYdznVxVycAoo5ZnlJG1IYjj4jPH_i15WAfGxSqPLxczrVYp1-pDRTfzUd_xcYhvAVB1M3GmMgjN6tIALS9qDhO5qxl_vl-cg3vaYfvP7DuZCcyp5Cy8IGEwDkCr1FvdU0Dzz5VX1sUuytqW4mKJplM6NRCzmdU80QxQh1NK3kYBiixIuaXoynOk4QcJF_poRQFW9anTKUJNJew_KOATkLe380GiKFxTnGepum6uwvnTQIEWGav_yY4T9xkvoppAqDgR52EijdObh1TVnvGIlt-cM0lFDUAnhyc-jktVf-86FTB38hCllImCh2SHHyXO2E5jDKbYCkUosjeZ7rgMOyrd6-F0hGUI2XvIJG5fg09tuGi2H9iM6aXNWaywuBTXZLmt3kLXRxv-7Oeo-VeXPQWb4FWpE58gMAvHXNP-pd0gha0hcUPdNb1YI4r3Csfo1dAomjKkQKr9QXQE4uKInCD-sUpeVug8SoCFzjNy_ZG7sR-112XR6cJFko3EKR1uo8QZzWOapCEghDmHjupQZWa6edY13tVakeexX8EB_UECtNOHw7aXP4utdnFDhGiYgz0gJNdF3mOF0lsucVMZo_cnrtZtcmfdQhS2y8b4a9zMSuvGpryJJzrYhfkxBnyFYHi7llrAz6D_RZDtZaZ21zZy_px8pUnF5g4CzrTYsTRNWhrplkB5RU2jo0zyRcVFY4FZsCqlrsxVCrG4f2uab12koF_nA5Ye0dmOa4KuBSuzg4m-QxDyhOkl9C3aY9rkbtvNYdgXRI5iqOv49qk98J1o4kcRf1eQ1M2MFuppVzwppFxsHRKEJgekbNePt5QuapMzKKqsePbJR66dqS5pivAs4Notp8iEs_EFITmHjC-bUdde1yAG58TE
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7631c96ff5faeae517b82fb121a9ba8158904ac5a4209fa8d037a2d6d2da1ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11211
x-xss-protection
0
syncframe
gum.criteo.com/ Frame E528 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:30 GMT
server
Kestrel
server-processing-duration-in-ticks
411133
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 11:08:31 GMT
sid
mug.criteo.com/ Frame E528
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=JPz5219SJTJCeTI1M1VTMTN2dUY3RHFQZ2ElMkJ5eXUzdm00JTJCZGgxYjUxdTc2d1ZJZkxu...
  • https://mug.criteo.com/sid?cpp=PeSLuXx6dnBSeENRckZRVVhwTWdWZXR2T0o0VjNWSXVCeXB4TklZbGhmc3NrMThIYzhNcE9aWVI4bDNGUGNjL3NKeVdnTXJCclFVbG1rMTNJdUxrTGRoeVFqRTRacGM5Y1RleWs1ZGZoOE1BVjBzWGExS1hwQUNCbEpaQ3...
449 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PeSLuXx6dnBSeENRckZRVVhwTWdWZXR2T0o0VjNWSXVCeXB4TklZbGhmc3NrMThIYzhNcE9aWVI4bDNGUGNjL3NKeVdnTXJCclFVbG1rMTNJdUxrTGRoeVFqRTRacGM5Y1RleWs1ZGZoOE1BVjBzWGExS1hwQUNCbEpaQ3ArU1JLS3JkNUxaSVE5ZjhZUDdXMXdhMXFCbFBxT1JzejNwcnUvSFJSWlpwaWx3VkRHcFJFNFFJTWt2VVJiWi9pc2NzLzBKeC9lbGc2NFl6SHVNengvejRVNEhTMzJmUDVGVzN3bWdOVWVKZ09QVEg5bUFRUjVsWHlZZEl2N2xmWkhGM0M2dUhqb1gyajRZK29SSDJETk14UUx6Sk1vN3ptYWlvVkhiQUEwVk9PQmV6YnFiVT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c4fad01cb2158ad44b656710ad4fb40323f8f8f8ff67907e5332c3c3c4a9ad8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2209598
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=PeSLuXx6dnBSeENRckZRVVhwTWdWZXR2T0o0VjNWSXVCeXB4TklZbGhmc3NrMThIYzhNcE9aWVI4bDNGUGNjL3NKeVdnTXJCclFVbG1rMTNJdUxrTGRoeVFqRTRacGM5Y1RleWs1ZGZoOE1BVjBzWGExS1hwQUNCbEpaQ3ArU1JLS3JkNUxaSVE5ZjhZUDdXMXdhMXFCbFBxT1JzejNwcnUvSFJSWlpwaWx3VkRHcFJFNFFJTWt2VVJiWi9pc2NzLzBKeC9lbGc2NFl6SHVNengvejRVNEhTMzJmUDVGVzN3bWdOVWVKZ09QVEg5bUFRUjVsWHlZZEl2N2xmWkhGM0M2dUhqb1gyajRZK29SSDJETk14UUx6Sk1vN3ptYWlvVkhiQUEwVk9PQmV6YnFiVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
576069
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3A2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2001549715460&version=m202209210101&ct=76&x=1&cor=11438024863911205000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBC2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8416858418417&version=m202209210101&ct=76&x=1&cor=8472963844570602000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7138667114041&version=m202209210101&ct=76&x=1&cor=3505846035244927000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB9F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6980
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 09:12:11 GMT
expires
Mon, 25 Dec 2023 09:12:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C3DD 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
209ecb303748df30221579669f8deffdfe158e0e30eb70c769f952e3e6f56521
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o2757dLnxqfrVoXagQrS-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-o2757dLnxqfrVoXagQrS-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:08:31 GMT
expires
Sun, 25 Dec 2022 11:08:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PugMaster
image6.pubmatic.com/AdServer/ Frame 075F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66514814&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6fef513232cf178b7f19845f47d3626af39a48e80fe9d815e2a12d31add396a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 25 Dec 2022 11:08:31 GMT
content-length
1947
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 68D0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlCppKy-oY4quLpf8gAeYvoX4CQAAAAA4AeAEAg&bg=!4eKl4qbNAAYgquz3AKo7ACkAdvg8WkhBsNYvCc7Kjpw80TS4KI9U6GbROmgmIBw2PAGbBJYCPySJjAIAAAMWUgAAAAdoAQeZAzCz7gFAal2bknkwjKYcOmzeMf_PuWOwoBNZSYMPk5QsQBH5WzqdsyO4uYBK7C2Fr8d_L5eraKrtXelLzqP4_dy3G-iR9MCQsw_-XrigIPpFfVNlHQd5dwy_Sa4VG6VFLhHqu2cN3dgYlEt7wCaFPenG-hafe9AYQFZNqYKo4jeuYTUz-TGp6OsQPoOGLhrgZkMYapeP8wvuG-dbogJs98oIVyEvaXqU6F9q7jRUNBqMts8wWbqcaaDi2fA68rCnEQUqZPBolc_HmpDl2UmqSZS7L1aLxOgp_Qi6tQD0iARB1iXzLRX1gWVQDbFytwOs-9_CqMuLCT49MlmBi3IJ0O48div34ER-lcsaVBBL2WyjJF3nct8iBElSBGJXsp6mvwghpcKyslzzlC3ZRuU3xyd66DXqCwgIjtaMYsWCFptbGQ3NnomlL1_Iv9HBOIKeRObrofoFeKYw0z81-4QAKL4jrb-4BcVdxbRJCE6inqgMRoHlG2EeDpcgDCpOAGn69J3vxGXRNS5TS-Sz7M2_us7oW-3HmIdi9MLRY8SkIsZXN38RzXRcjFMMC_2g43oHU3kWfAnBHU7TIdpem4bVPZk31Hfpo7nfvvWO4OuniKN--A6PmjzlBxB8E2bQOol189tfJIP7u2HqqFOhkIMUDJxqI-gIBLz8v5USgqHHSR7Ni1cNyVzIePqg-0bEDegEghaX_g1syTXwPOZxqXLtDKZzHFRw85zJLe8j46oMz0JSz9nb5hz8sPEw203ZKoAJSiIQRdKmoueWbmUSBiNFOoZpInUXLBRAMySjH1F3c3eNpriK07VfMYXaZT0d-W6NiIa8WAS1ToWs7f8Q5fRNAIIH8n2WjI2YSYkztG7ugrQVSJkhOHL-ZwQeAvJtOBYfm75Zzoy_cQLQrmDHkvanbXoo76bR3RM3N5CjdoMRre_Asjvpom_DMpnZbuPnbRP5LX67dC4lNi_Xb3S1ae5EwII71Jd1PQiWs9O6iEtjvZbrg0qdripwUcpH6kaTrGNOJk7ZjaQVMCfnSZLEg-XFdByLHJa4J9MQEwTCGzBl1nzCdNcqmjCLiTbcv_ZeElcZTkI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C3DD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1243182036642193&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame F33A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZo3PKy-oY8CgOOS6x_APvI60uAsAAAAAOAHgBAI&bg=!sLOls_fNAAYgquz3AKo7ACkAdvg8WgLoE5BQEJyEsYARYWU0tVGRRN9oH5aGQQUsisHFInXoxVWMWwIAAANkUgAAAARoAQeZAyTM6AYIbj_xMztVowAMu9S1B042cfKziG0_I5qPU6LjMU4TFN94A6por86T2a2EA1-WncHJaoVEgr_Rs2Iagg61X3J05wwhWK3GWaFSdaCD5D0qfx4NyfDO3hpStRuqPGdqPhHrtDXcq2tlBovMyjet8VKosuSeL_AOyBSmg4yhOvqyY5uDeZek5yLgx6yV2MUpUysY5dF5l9kGdurKQU1kLfA_JfDKfJnsjMzIoZP8HJana-NKtBfMJ3Q3gmZlQYoZL21n52LvNx1-A_oTmSp7lY2k-n0HGRE4QCFCKYFYLEAzwYBv90xkqccNO7uGjR7LB7OlCw2wvYGOmCdKIIa7jEx-xSa7h8ymE3WTosDLEHOxpKMD1A05JPPiKsqod8J3P9HdX_wWNLg2QIue-xgSa8p2ZZvo3Iav4fV9IwE8Y3z0h4xwFar8qRpJLGsHZQAfU4lCSpQJxiAtyaWdKIBSZeeIYPk3ivOX7zBQWQ3O7CHoULck23OW3n0RUlcUd7KzKwYXA81SqQ7ZZN8Yul3vRkAxYxQNOrPWdYiZijjiGfrfap_nzhizFc02IUyM9SdFIj79VFHak3dqq6FykWAQVlRU_I5RCP49xYaHBDabHFtsQPz6UuusHTp4t30S_FXWTOCZp0xrS1VWN_WSt5hpmRoEto6193FF5a9YlOuqmX1oW5wY1rCijS9unwgCIE8VWc6spGYtF7opsnAjW_LR3YiX146Fx9Sf7C-XYeLpqiUEMgS_YbrJTWvyIa8Gs1yM7_VrKQeAIJXcKkyfdD978KZD15kea3Iki5z7wItaOrwUx6uh4Lk_h3ghtHrjlYQ7uvDWYfJTl_RQk7H_BsqOjBiO4HpL0BOiHwnBm2zsMJ3kNIn7tgEBDyUPdYBN9qlLU0AKXnThSSNi-5WBqW5J2A8njw2xp6-13OQa_BlozEioUKbeXUuft76GqOo_UsuGKXn8toxEiRkQ5TfRBUXbVXlKZ9DlPk5e5IUTd28vtLRJOrwZkoTK4QglPPZT7sXzWh5QOLubeAR3YcLz_n1sqH8TagobNO5JWlxbM-EDNep_ZMk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3911 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPIKoKy-oY-CyMbCwx_AP-LSxsAoAAAAAOAHgBAI&bg=!4uGl4aXNAAYgquz3AKo7ACkAdvg8WnKIlrpm910JfVOzWQJQsE6WrDptS2U1q_MsTZnXOZTve_0_sgIAAAO3UgAAAANoAQeZAycuUdS4at4Dd3IV_fsOaIlBdqaedJV3pA4vieD2fgi7pJh-52XHi-Mnx8HTHWI2pGrbYOXuOgOrhHwUJjfZK638yaW1_J9Fsx1Vy3rc3SSirlMkbgzYqslrgvklMRgRh6X3TMx1LFivtKx5JlDQltHQUJMTIssVjBn7rh0BifXB6q2HiCylOBEY_c3bv3UuEHqx-E86N8tBlSPUulT1Vvn2nk_sbXp07yUIqJNzVaRpI18C4GWbVXT6lht7dsOCToU8uCIsK8jH2P2y4hhVDSSN3ZZL12AjPHC_wRdbND9R5M8vgI98osVmZH05LQCe2cR0oDJ7euhvXkRTXvSXbjAYd7Ao3iWX7dUdvd7f9Hb3y-4lZwVezpbNOdieeV8hPuQZT-H7pjeSbtajMFMAKJRtzworu4ziIYHvdMa49wYPHg4w4jNIZENUCVE3N9jkX-kIaj9Kesu8i8HSEI9M-ZhN_D2xf2-ZGHEgtA9Ia0aVrGOq49CO84pPwS6dQRbuGWw0M78O-8Df8p1tbKqzvIBEGo6yxzAlbVA4HvvFHkYwBUoNvy3VkoOyP2TAk3Jcz0CZfV7f5oTgZAHedbXD8dGBffjri-DQ9VW7xo5LmGfA-s0i47k9MmAszDwvXh5VNSV19KAeY5O1toqLocC2Eyayo_HBynxKHWuJRGGr5lacBxuKuDqoSYqftdor0Q4g1eWQdA83reX2Q_ji6rdvTAY9dd7PzK2i310fwsW-hDemV55G-5uRpOnP3RwxLdIFV80YiRQRBjFjWty52iGCFIRFQ7c25ucsIfM_pjL1_dV03a8WssXk79bcmvcW6sLpOZQDU7DGqz9rv3E99t9XMJxEE-2L9PJM1nWRQJTa7YRIAkvy7W--3KGh9zIbglS4GyX83ytv4P-s5ACI-HjtBckpbfpxka2bUO_RIs8rhtKixHp1wDOSFAEHy0WxIqAyFB7nSy5oOC6YO2Snwehn0ipyiaL_w43QpOHtI48XfuQ98jo1Vewk3o92aYw-3Cl5hBp7AhaY5NFK0tdkNjp4Nhs4IB5431eYXmkREGnL2LlOdByyI-b6wsU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E26B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CnCRkQ4lws8RJ5WZC3Tdn1glxsgRJcicCCFQScFN
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CnCRkQ4lws8RJ5WZC3Tdn1glxsgRJcicCCFQScFN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 25 Dec 2022 11:08:31 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CnCRkQ4lws8RJ5WZC3Tdn1glxsgRJcicCCFQScFN
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame E0FF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181041484772997273&gdpr=0&gdpr_consent=
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181041484772997273&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 25 Dec 2022 11:08:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181041484772997273&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame D8A7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rb6NqO52Q7lNcDagxkWLxrnVm6I
42 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rb6NqO52Q7lNcDagxkWLxrnVm6I
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sun, 25 Dec 2022 11:08:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rb6NqO52Q7lNcDagxkWLxrnVm6I
Pug
image2.pubmatic.com/AdServer/ Frame 3A38
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFa0EwN0hVRjRBQUNDT1o0dkZsZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEkA07HUF4AACCOZ4vFlg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEkA07HUF4AACCOZ4vFlg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEkA07HUF4AACCOZ4vFlg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7941863614148787353&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEkA07HUF4AACCOZ4vFlg&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEkA07HUF4AACCOZ4vFlg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 25 Dec 2022 11:08:32 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEkA07HUF4AACCOZ4vFlg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
p
a.audrte.com/ Frame 075F
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2546D8BD-510C-4044-B55E-2B921A9DF6DC
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.84.251.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-251-28.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 11:08:32 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 25 Dec 2022 11:08:32 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 075F
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2546D8BD-510C-4044-B55E-2B921A9DF6DC&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2546D8BD-510C-4044-B55E-2B921A9DF6DC&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2546D8BD-510C-4044-B55E-2B921A9DF6DC&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:36 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:35 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=2546D8BD-510C-4044-B55E-2B921A9DF6DC&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 075F
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Sun, 25 Dec 2022 11:08:32 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame 075F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
2546D8BD-510C-4044-B55E-2B921A9DF6DC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 075F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2546D8BD-510C-4044-B55E-2B921A9DF6DC?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:e8cf:44d0:158e:aa91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 075F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EfQk4UtE2uVIiG29XCLDpbGlV9IEpVU-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EfQk4UtE2uVIiG29XCLDpbGlV9IEpVU-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EfQk4UtE2uVIiG29XCLDpbGlV9IEpVU-~A&gdpr=0&gdpr_consent=
date
Sun, 25 Dec 2022 11:08:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 075F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1c2f6a4a-9b74-4da7-91c6-9b848caa60f9&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d7a5745d-14cd-42a0-bd7d-eae09c8a3d5f&bsw_param=1c2f6a4a-9b74-4da7-91c6-9b848caa60f9&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1c2f6a4a-9b74-4da7-91c6-9b848caa60f9&gdpr=&gdpr_consent=&gdpr_pd=
1 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1c2f6a4a-9b74-4da7-91c6-9b848caa60f9&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 25 Dec 2022 11:08:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1c2f6a4a-9b74-4da7-91c6-9b848caa60f9&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 25 Dec 2022 11:08:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 075F 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 075F 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:31 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 075F
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7cb052a1-714e-4a1a-9783-eb653e5c451d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7cb052a1-714e-4a1a-9783-eb653e5c451d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7cb052a1-714e-4a1a-9783-eb653e5c451d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 25 Dec 2022 11:08:31 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame DB9F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:50:34 GMT
dt
dt.adsafeprotected.com/ Frame DBC2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e95000c2-d433-a679-4324-8f6dad2f834f&tv=%7Bc:xO0t4j,pingTime:1,time:2686,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:53%7D,%7Br:r,w:160,h:600,t:275%7D,%7Bpiv:100,vs:i,r:,t:1642%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1044,o:1642,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1629~0,2~100%5D,as:%5B260~0.0,1371~160.600%5D%7D%7D,%7Bsl:i,t:1642,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1040~100%5D,as:%5B1040~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C19*.990511-61634098%7C191%7C1a1%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:55,sis:528%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:32 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame DBC2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e95000c2-d433-a679-4324-8f6dad2f834f&tv=%7Bc:xO0t4k,pingTime:1,time:2687,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:53%7D,%7Br:r,w:160,h:600,t:275%7D,%7Bpiv:100,vs:i,r:,t:1642%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1045,o:1642,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1629~0,2~100%5D,as:%5B260~0.0,1371~160.600%5D%7D%7D,%7Bsl:i,t:1642,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1041~100%5D,as:%5B1041~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C19*.990511-61634098%7C191%7C1a1%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:55,sis:528,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:32 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
generate_204
tpc.googlesyndication.com/ Frame DB9F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8r_Gnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1243182036642193&bg=!AgGlAUXNAAYgquz3AKo7ACkAdvg8Wvj_GazOWWVJQX6AfcWY35Njo2xLUXJeURQFd1WYvLBcr8eyiAIAAAEJUgAAAARoAQeZAuFZ7DvAPaJu0Ec6vO-x0PhHBAwSSLB9B-v8IpI5LvKmnrUiv2rrfngxG-jJIkv96kFfsJI8KLfoz5OOVLPcCXsH8DK5rFsvNiAbZi4lOCFaFwY27wa5KqbgKVLBo28iThSxUJgh4cXUj8q_2WSq6NHyNP4WXvzVYGnXtlJThI2t16L1RD5tTXqY-u7PHo3jhaRQim-M291KSJiaCmrouR04M6d_DSiCADlRqkYYGRmv1_C2VP4JAiFSOnQNX-wM0xwUdH3ZUnR0e9aYUEQrfraS777T50hp70NNpyViVqurRwttS1qTMdc4H-Lt5rKNtoosuqF8FIiGsTJ4-SXUkT9982KFo_niLoFlEYAs_2Ag8PYttRyTND_225G899mT10xY4TL1ujU1wSS1ir7sVdnOMaScLPyJSMd9IgkRsLz6K3zef_o0XwtNySMZHvQ27BpTHMi7MyCbt8hp6d-TgVKgDqXjpPob-vQN1WYqO6EvkRO79GAHUDdj7QgrZcNFrIssat5Y_wp_P8s6-IB_nGKoZMrr2qbO_I74QiyzbytfOg0TYpTsygOc7u0FMBXEciI1_-Pn9QtAK4tky0rL1f13Un7NHDwy-SpzYNBX2sb_Gk02HbcJnhVUjBRpT-fy0bY-T8a3EENp0NB8fq4tM-8DtugQJG-cksBI1jmNYP5MLv-h7jOL5f88yXey16VR60MdVdDqL7CluMObfHMA6yzRT7E6JSoT7Xmuh2vuPUFBgUWgy9IcQDcYjmaXf14EjgC_B9dIZ1lDikq2IjKYzXDrW2KDwfoOdOvqZkSoeMgnfSJ5QF4-GSyBrIIut1HyMeN6yxbg-B0yrugaSF-EmYlHTIerb7N8utm98wTyNsNs3O8fcQniaF4CSY6N03DLUSrWTtsXSBthWohjZnAjnDaMaH_oF-GldwZZGQSjCvcmXSSlIaqHjHjDJs94BwjbK42iWdMBbjpasNX-qkRUGP5uYQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 7DD3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8601778&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cfb83feea91c3fa522950a9ad4351cfc827453f8c0fe7775de68d8ef1020eb5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 25 Dec 2022 11:08:33 GMT
content-length
1908
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 2283 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 25 Dec 2022 11:08:33 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5D3F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6gvMQAAAM_45gAp&gdpr=0&gdpr_consent=&_test=Y6gvMQAAAM_45gAp
1 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6gvMQAAAM_45gAp&gdpr=0&gdpr_consent=&_test=Y6gvMQAAAM_45gAp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 25 Dec 2022 11:08:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 25 Dec 2022 11:08:33 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6gvMQAAAM_45gAp&gdpr=0&gdpr_consent=&_test=Y6gvMQAAAM_45gAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220072-HHN
x-timer
S1671966514.613006,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame DEE6
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
79 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 25 Dec 2022 11:08:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 25 Dec 2022 11:08:33 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame EB91
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77f11e96bb6f9170-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77f11e95385c9170-FRA
content-type
text/html
date
Sun, 25 Dec 2022 11:08:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
4705
cookiesync
core.iprom.net/ Frame A5E9 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 25 Dec 2022 11:08:33 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-21f2b38cfaeb@version_1.531
X-core-time
1ms
X-server-arch
v2
generic
match.adsrvr.org/track/cmf/ Frame C74D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671966513465
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2892114837
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2892114837
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 25 Dec 2022 11:08:33 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 25 Dec 2022 11:08:33 GMT
etag
RXc56160497aa94a42a14c724c419b99b0003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2892114837
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
pub
matching.truffle.bid/sync/ Frame CA88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 25 Dec 2022 11:08:33 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 83A2 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 25 Dec 2022 11:08:33 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d8ae7f61e0e8dad8/gdpr=0/ Frame F0E4
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d8ae7f61e0e8dad8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d8ae7f61e0e8dad8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QSgnTMUbnanSQgQS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.216.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-216-185.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Sun, 25 Dec 2022 11:08:33 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.11.123

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d8ae7f61e0e8dad8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QSgnTMUbnanSQgQS
2546D8BD-510C-4044-B55E-2B921A9DF6DC
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 43BA 		0
675 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/2546D8BD-510C-4044-B55E-2B921A9DF6DC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77f11e94fa3f90c4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 11:08:33 GMT
server
cloudflare
vary
Accept-Encoding
SPug
image4.pubmatic.com/AdServer/ Frame 7DD3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0ec763a8-2f2c-4800-82c4-1ac66ed396f8
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0ec763a8-2f2c-4800-82c4-1ac66ed396f8
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 25 Dec 2022 11:08:33 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x9 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0ec763a8-2f2c-4800-82c4-1ac66ed396f8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 25 Dec 2022 11:08:32 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7DD3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3506663725266119622&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3506663725266119622&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 25 Dec 2022 11:08:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3506663725266119622&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 7DD3
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9066383568577469336
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9066383568577469336
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 11:08:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 25 Dec 2022 11:08:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
524c072e-641c-4f99-aca2-7a63315a9fca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9066383568577469336
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 075F 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIAjEKy-oY7fJK7ml9u8PqKOgsAOs0smuRgAAABABILGBnBw4AViC7sTSgwRgleKQgqAHsgEPd3d3LndhbGxhLmNvLmlsugELNjM1eDM2MF94bWzIAQXaARhodHRwczovL3d3dy53YWxsYS5jby5pbC-YAsCvBakCmpdAKIglkz7AAgLgAgDqAiM0MzAxMDc4NS93YWxsYW5ld3MvbWFpbi9wcmVfZGVza3RvcPgCg9IekAOMBpgDyAaoAwHgBAHSBQYQ4sOnhReQBgGgBiOoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=os5L4CUoyN0&label=videoplaytime25&ad_mt=3951&acvw=sv%3D941%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D2944,790,3274,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4106%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1250%26pst%3D398%26dur%3D15000%26vmtime%3D3951%26dvs%3D0%26dfvs%3D0%26dvpt%3D4053%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D3114%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D955845494%26psm%3D-2147483633%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671966504433%26ptlt%3D1671966514693%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671966508789&sdkv=h.3.549.0&vci=CksIARoER0RGUCADKgo2MTg1MTQ4ODk4MgwxMzg0MTczNTQ0OThAAFIjCJYFEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duSIkOUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7DD3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
unip
trc-events.taboola.com/1245572/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=11292&scd=9&ssd=1&est=1671966504220&ver=35&isls=true&src=i&invt=6000&rv=1&tim=1671966515513&vi=1671966504190&ri=68358b65bef97a8d9352eb9a9232dd26&ref=null&cv=20221222-8-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=BuCBOIDjlFhvDAA4I2&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=14717&o=1600&w=1200&j=30&R=1&W=0&I=0&E=4&e=4&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=2766&t=jtqHADAGU_HCR3h8vI7d9aBbmZ7P&V=139&tz=0&sn=2&sv=gIzxTCjmykBCc8O9aOYdkZnphTU&sd=1&im=067b2fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.222.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-222-86.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 11:08:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
dt
dt.adsafeprotected.com/ Frame DBC2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=e95000c2-d433-a679-4324-8f6dad2f834f&tv=%7Bc:xO0u6b,pingTime:5,time:6646,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:53%7D,%7Br:r,w:160,h:600,t:275%7D,%7Bpiv:100,vs:i,r:,t:1642%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5004,o:1642,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:52,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1629~0,2~100%5D,as:%5B260~0.0,1371~160.600%5D%7D%7D,%7Bsl:i,t:1642,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:146,fm:tr1D571+11%7C121%7C122%7C13%7C141%7C142%7C143%7C151%7C16%7C17%7C18%7C19*.990511-61634098%7C191%7C1a1%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:55,sis:528%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:36 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
all
csm.eu.criteo.net/ Frame DD4D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=R-aKnUBEE-4gg2Iyh8exjU9UvsP-XerQCQVfkldHEF-bQTAJYcHWGr-6D1HWiiZaX8ALUEukvAyCD7-ma-I3yil13BNHapqwUYhfEWDs3EHIJY33JTWa3HTodrESTJTsnwES9RnDSYXjKaCUOdY1IVQ5IjAF9fXqLd1Rllu1nRhhWIvFtW-m2Mszx08RJ3PRCywhgOrz7L321UFGbJAO02YFERWD12w9xlrJmpMKbZgamkw8Den_vPH1i4XDlmTTMq7mFQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAANspoH_ZNKAAcub98_BIzTDDsaypeJ6A&u=%7CpZor3lnw5cb0rOnJPYLzMtYHvUryujkg1BLZHdd1W5g%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov8yNUTmRm-64_EFOk370sBpJRx22Cb4sR1H5n9kZo8bzxVy8btnIbaGtbddUFI_wj4n1iinBnPSVtJD-vNPtsEGsmSVwY8sDxWPIj65nbqkGUUDDSFVKZAixjGh0ZaSqRh_nnxZTDfm1oY2DzFY9ndkoHWGc-FTnYh8E6tp4G5elKuXgZZb_nyn0gKDUNBanf0TsJUHrVLvqwdQVfDXK0zCloNeXSHKzQP-XxfLvvJo8hqgX0sORuF23HpzihdcnAuSD217I6zAtr6JQEM5dJOJhgoB17cnIdtcH2PyGZe5DN3Ro0FA-15T5UM5EV3cz-L8Au0qQ-cO-1tH3Tc0yjEzp9I_ZdSsg_NF4yB8Lf7GABYJ8Stp8-K_zgx2fe1dWgGLPqP0QRV5a5y3PyNbXyhdtpguxEz05qaAHXr7sd0AX-95DrONpUVOVrRpukfDPXzJni7tLEEQ9UhBhwnfzhGyFUKUSXXujoeW0DG-a3ozkt5_KtqaVC5bsV2kvkQ2aL9ntH6Ekxryh852rlr4gBy-b9tIgqg_tKb-v03MqVhZJO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_XhlKC-oY5rlNsqm9u8P79ycyA_JntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAmx_3a8j0LE-4AIAqAMBqgT9AU_QUbbR2MSaLlYSfdzvSPisKZUctLwFr7-EgdfcLuJmv6K_9qqOo3GZ3-Kwt1GpF0a-K0BXIKf3NrM1ATG1LJq1S3B9ULmZsoEAcQC94wyLaZEjuylPpZF9XCWXkcX7UB76KGp6lWROS6F6cZ1KFjp-7rm6u1-bM4TFVXn1_YTbwRCfdfg-uIs_ULvJBdx15evgPGGh36FhDlr6Q8uDVQcfXswB9H6SbOK3piNhO6-9X4CE_hyhVBDQVDbPtJBZi6pWDQCSfrmHnzRfV8kmHMnaK3MmWWZ0BFqre8ANiTuvuETSIAqOvm_ybXYeyM4N5JFC-a6NEW8d9mUYOTXgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QPj6BJFtUhHxIaZJBGXE3AdZp4g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 25 Dec 2022 11:08:35 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 350E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=GXJquEBEE-4gg2IyAwYcevAiFrEFVmkGX7qHbz6N7yQfPSlssXuCh27xAJlu4mHZxUpE6_Xb-jrLSpLFivKGhN6RXZk7Nhu7_fC786t9PtCTA2iFUINCzwUDvXMbjEs40YfynOgpm0OuRPXi1Yhv4stXqBOLlrOf99nIXsvwEFRnBIFA9fXTZoG8fD4M27nK9qtI0uuuYbgEcm_4DHm-bS2Ox1ZL-_D-6s4rB_Cb3nZ7SfYcG8MWZHRsDGkersqBEBHeNQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6gvKAAGe1EIu-WsAAJ3X5nanIul1ok4sUcy6A&u=%7CpZor3lnw5caMPVBZhcYIJuuwwuFwTOCe9HDkY43pmpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0vIGC0BsNEtkG6WX-v4HWH_fW7WaPZXNpFjrPJ6yt7qMy06JdEC7AYnUMYZ0KgcAza8Y8L9xZ-6BbWrDYMyjASKbg83MYgHEgWylMwXBa11bJffyJuPX1S3o3ZAwiVetCqOeXStZ8bng2B2MyPGCSipvrtJLVmZuVwEY2gITwD_Yp54cB7RMhL1OLuOpkWxeoFpLS5hSJIBJiilfWQ3_uKOuNXRV4wFXt-PyEPcE3xkLwQ_UwXGYzHGG3YSVM_0dvt-QwYga65cPQGGIh15C2XKXZh_DaK3uBrG2_6lpFPlgf7FAywEPyIh1gAgTD7vL8iFQlkUfmQNO_8d5VQa6Aoosa0NxFYA2NUoMyVe6hMw32jlriywRnj-hHqSluyzkp3T8I4bLpx80n6XvYcQu0PKn_iXbOTFDmH0uMJWGQfn-y3RH-D21jR216n8UJERQLk2lKrqJ6ybh1oUM5w8xCKZM93cJevza0rAAaw7D9b5fZefD2FlRML18sbYjZ3Wx0_gxqUZuAatF2HkH_sUYI7SCOzJMtiRBA8EIehb1QRQ4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iZsKC-oY9H2GazL7_UP3-6JwAHJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJsf92vI9CxPuACAKgDAaoEggJP0Gp4xyGFK2ScOD3xqZX8l5SLowH3ldoFkZ2FisG15SRS4rzVmhNwHOkKcYWhqwul1MOzQfMbvncjvdR4KLUepaXFWQ1a06AFmYSG5TSzqr5DOYah4IDAB0FxYSAu-y-uKZcA3GQSkgl7CUKdpeCvJ8zcE2jbNRke4CKVMqNNMH7zEuQDzjMZ3QS_ExCTsNTWIIEL_RNVAf9YWN3GbKMoakzKHvk0VEfnYkbC5zoUta7i8i60bbwprkstoGWT65sWMot_f4uWtRl1kyq4HEvJYiVfdQApv7FoOtLcZauVy-BDffgprzMUvKhOZSlwG7wOhWxV8cSYgJfsXcqGLDfDuSLgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1IBSihV1XSSyAMJF1RwlpO8D8TdQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 25 Dec 2022 11:08:35 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
prog_index.m3u8
live.wcdn.co.il/news/ Frame FE53 		419 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.wcdn.co.il/news/prog_index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.130.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-130-109.kix56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afbf40563c4eb6e060850ce5d51a61ee75d613ee5501ebf0ade0dc350d8af593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:08:39 GMT
via
1.1 e06dfcdb8abf82709b7aa659a8d098ce.cloudfront.net (CloudFront)
x-amz-meta-user-agent-id
news-ftp-user@s-91b1139c587448219
x-amz-cf-pop
KIX56-C1
x-cache
Miss from cloudfront
content-length
419
x-amz-expiration
expiry-date="Tue, 27 Dec 2022 00:00:00 GMT", rule-id="expire_old_segments"
last-modified
Sun, 25 Dec 2022 11:08:34 GMT
server
AmazonS3
etag
"be228da79cb78df890bab531044a3f70"
x-amz-meta-user-agent
AWSTransfer
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
FkG6oeMsP1GKjAcnrPXrzV1A9TjAnGix5kNMU7mri9Wi22d-FlBv_A==
91804681
mc.yandex.com/watch/ 		43 B
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/91804681?page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&hittoken=1671966505_d2ae30ece00c8fd787f96a97e2e8518aba25136774297cdf63857ae780e2a0a0&browser-info=nb%3A1%3Acl%3A3575%3Aar%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A1%3Als%3A354277978640%3Ahid%3A251923799%3Az%3A0%3Ai%3A20221225110838%3Aet%3A1671966518%3Ac%3A1%3Arn%3A1071873832%3Arqn%3A2%3Au%3A16719665031048893011%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C13209%2C13210%2C6%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1671966498001%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671966518&t=gdpr(14)clc(0-0-0)rqnt(2)lt(498100)aw(1)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:38 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 25-Dec-2022 11:08:38 GMT
content-type
image/gif
access-control-allow-origin
https://www.walla.co.il
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 25-Dec-2022 11:08:38 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F93C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIAjEKy-oY7fJK7ml9u8PqKOgsAOs0smuRgAAABABILGBnBw4AViC7sTSgwRgleKQgqAHsgEPd3d3LndhbGxhLmNvLmlsugELNjM1eDM2MF94bWzIAQXaARhodHRwczovL3d3dy53YWxsYS5jby5pbC-YAsCvBakCmpdAKIglkz7AAgLgAgDqAiM0MzAxMDc4NS93YWxsYW5ld3MvbWFpbi9wcmVfZGVza3RvcPgCg9IekAOMBpgDyAaoAwHgBAHSBQYQ4sOnhReQBgGgBiOoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=os5L4CUoyN0&label=videoplaytime50&ad_mt=7670&acvw=sv%3D941%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D2944,790,3274,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7824%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2265%26pst%3D398%26dur%3D15000%26vmtime%3D7669%26dvs%3D0%26dfvs%3D0%26dvpt%3D3718%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26ic%3D512%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D3114%26femvt%3D0%26emc%3D43%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D955845494%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671966504433%26ptlt%3D1671966518412%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671966508789&sdkv=h.3.549.0&vci=CksIARoER0RGUCADKgo2MTg1MTQ4ODk4MgwxMzg0MTczNTQ0OThAAFIjCJYFEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duSIkOUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIh_OozdCU_AIVJ8ERCB1uaQdTEAAYACCymq5XQhMI0KrKzNCU_AIVrOW7CB1fdwIY;met=1;&timestamp=1671966519577;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A386 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIh_OozdCU_AIVJ8ERCB1uaQdTEAAYACCymq5XQhMI0KrKzNCU_AIVrOW7CB1fdwIY;met=1;&timestamp=1671966519577;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 11:08:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| oncontentvisibilityautostatechange function| addScriptPromise object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| ga object| WallaTargeting object| _sf_async_config object| _cb_shared string| loadDataState function| ym object| __LOADABLE_LOADED_CHUNKS__ object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _cbm object| __twttrll object| __twttr function| desc function| category function| author function| tags function| age function| gender object| ptag object| f object| ktag string| path object| z object| permutive object| regeneratorRuntime string| __strip_step__ object| gaplugins object| google_tag_manager function| postscribe object| google_tag_manager_external object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| _0xc513 function| _0x548d object| _vadHb object| vadprebid object| vadprebidChunk object| ADAGIO object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater string| GoogleAnalyticsObject object| gaGlobal object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only function| fbq function| _fbq object| _tfa object| Ya object| yaCounter91804681 function| PlayerSdk object| WallaPlayerApi object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| a function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| sas object| apntag object| _ADAGIO object| sw_consent object| ONFOCUS object| closure_lm_295904 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| GoogleGcLKhOms object| google_image_requests

122 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _cb
Value: BuCBOIDjlFhvDAA4I2
.walla.co.il/ Name: _chartbeat2
Value: .1671966500679.1671966500679.1.gIzxTCjmykBCc8O9aOYdkZnphTU.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _t_tests
Value: eyJZdEhwTmNlVXowejlPIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCS2sxcUkiXX0sIkhIckE4U3hwQVVvMUUiOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkNwQ0JiTiJdfSwibXVpSWEySmVoTVlZdyI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiQlM2Wk1KIl19LCJsaWZ0X2V4cCI6Im0ifQ==
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _gid
Value: GA1.3.1769622307.1671966503
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _gat_UA-249518521-1
Value: 1
.walla.co.il/ Name: _ym_uid
Value: 16719665031048893011
.walla.co.il/ Name: _ym_d
Value: 1671966503
.walla.co.il/ Name: vad-loc-code
Value: de
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2408310263fake
.adnxs.com/ Name: uuid2
Value: 9066383568577469336
.mc.yandex.co.il/ Name: sync_cookie_csrf
Value: 492347742fake
.walla.co.il/ Name: _ym_isad
Value: 2
.rubiconproject.com/ Name: khaos
Value: LC39ORC3-A-KJWS
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo2/rwNBCB3VT5APvdogVCbaTd6KyMQnaub55ZO9yeic+TsNJ37y8tbuOYdOTdJHhk5p164vmVCVSYbB5SW5XQ37GGGOiqNCvuma+WVcS1g3g==
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2276716518fake
.walla.co.il/ Name: _fbp
Value: fb.2.1671966504690.2075383010
mc.yandex.com/ Name: yabs-sid
Value: 798317751671966504
.yandex.com/ Name: i
Value: XmWZABwGmsJHjpIvgm4qgZIQYExNJdPSv+xyfVH+xjgcVrUEpy8eONxDWvxBqeFuf7gUfkLID2yjRn+XrBVvwBLwbcU=
.yandex.com/ Name: yandexuid
Value: 4023282961671966504
.yandex.com/ Name: yuidss
Value: 4023282961671966504
.yandex.com/ Name: ymex
Value: 1703502504.yc.1671966504#1703502504.yrts.1671966504#1703502504.yrtsi.1671966504
.walla.co.il/ Name: __gads
Value: ID=c55b18a6470aca17:T=1671966504:S=ALNI_MbJcPQXJFJ2lj-epSN3WrihwC66xg
.walla.co.il/ Name: __gpi
Value: UID=00000b98205eca10:T=1671966504:RT=1671966504:S=ALNI_MaoAulSlA_ruPAwAS8X4gTHKUmI6w
.doubleclick.net/ Name: IDE
Value: AHWqTUkVhvHg7eznX_RshidKbLrRtuobNCENXot3niRt-bKVGwI5VbWs-Iz9qGZz
.creativecdn.com/ Name: u
Value: qckcMfmLpA5bPHNZqVzE
.creativecdn.com/ Name: ts
Value: 1671966506
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1671966504.1.0.1671966506.0.0.0
.ads.stickyadstv.com/ Name: UID
Value: a450a680d12d18759dfdb06197d9f5f7
.walla.co.il/ Name: _ga_L30GH6X3WK
Value: GS1.1.1671966504.1.0.1671966506.0.0.0
.360yield.com/ Name: tuuid
Value: 8e27dbfe-4a2d-449c-aef8-4b12b8753d6e
.360yield.com/ Name: tuuid_lu
Value: 1671966506
.casalemedia.com/ Name: CMID
Value: Y6gvKq9s.FAHyA6h3-qF0wAA
.casalemedia.com/ Name: CMPS
Value: 2142
.casalemedia.com/ Name: CMPRO
Value: 2142
.walla.co.il/ Name: _ym_visorc
Value: b
.spotxchange.com/ Name: audience
Value: 74f8ac9a-8444-11ed-a708-1d0a0d900506
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2546D8BD-510C-4044-B55E-2B921A9DF6DC
.yahoo.com/ Name: A3
Value: d=AQABBCsvqGMCEGhwI2Y_NAf_SbHY_wLWRM8FEgEBAQGAqWOyYwAAAAAA_eMAAA&S=AQAAAhK4gcESalPK49oikSnkIP0
m.exactag.com/ Name: exactag_new_gk
Value: d002a5c12bbf4a33972234441fa462f1%7c23.02.2023+11%3a08%3a27
m.exactag.com/ Name: exactag_new_uk
Value: 7259f1f00b1148419caf74b562104bf2%7c
m.exactag.com/ Name: session_session
Value: b7bbb984e21e409391117ea4
.vtracy.de/ Name: tr_id
Value: vi-28536cd8-9a68-493d-9aa5-4988c3dadb17
.vtracy.de/ Name: tr_dt
Value: 2022-12-25+12%3A08%3A28
.zeotap.com/ Name: zc
Value: 504e0f7a-a2a0-41b9-74b7-1c7668274c8d
.simpli.fi/ Name: suid
Value: BC806B8A802B45B6B6D7B02B864C15F9
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.8583586796627608472
.weborama.fr/ Name: AFFICHE_W
Value: bmJsYNY7wrtu94
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-9066383568577469336&KRTB&23339-9066383568577469336
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8583586796627608472
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGpR2AMO6Dsc-fpUXTHIpqs&KRTB&16514-CAESEGpR2AMO6Dsc-fpUXTHIpqs&KRTB&23025-CAESEGpR2AMO6Dsc-fpUXTHIpqs&KRTB&23386-CAESEGpR2AMO6Dsc-fpUXTHIpqs
.walla.co.il/ Name: _ga
Value: GA1.3.777851744.1671966503
.mathtag.com/ Name: uuid
Value: 0ec763a8-2f2c-4800-82c4-1ac66ed396f8
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0ec763a8-2f2c-4800-82c4-1ac66ed396f8&KRTB&16736-uid:0ec763a8-2f2c-4800-82c4-1ac66ed396f8&KRTB&23019-uid:0ec763a8-2f2c-4800-82c4-1ac66ed396f8&KRTB&23208-uid:0ec763a8-2f2c-4800-82c4-1ac66ed396f8
.amazon-adsystem.com/ Name: ad-id
Value: A9X4DLvCy0erlK0duPdUIM8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adform.net/ Name: uid
Value: 7621813348636885045
.walla.co.il/ Name: cto_bidid
Value: 4kzjUV95QzRTeUVKN3p1T0RxdmZJYnRjQVVVM0N3S3BjU21CQk5oc21razQ4U3lzMWJ0d3MyTHBVcjQ1ZGFPQmV3WkxsbFNHR0Y3MmlHVjBRRk5RdEt1YjJmZyUzRCUzRA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7621813348636885045&KRTB&23263-7621813348636885045
.w55c.net/ Name: wfivefivec
Value: PPSe07Uv1P9oRL5
.turn.com/ Name: uid
Value: 3506663725266119622
.w55c.net/ Name: matchcasale
Value: 5
.bidr.io/ Name: bito
Value: AAEkA07HUF4AACCOZ4vFlg
.bidr.io/ Name: bitoIsSecure
Value: ok
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&fed8f880-4dcc-4357-8aa6-f1e5a2874ca0"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzE5NjY1MDk7MjswMjHglvS1XRuP6mKq92YHhrizHJ1S9rONDYZ6n8n2ZDE1eQ==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2929:u=1:x=1:i=1671966509:t=1672052909:v=2:sig=AQEb0vw373kTxM9LlzuUy2xWDNNfKcxs"
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2E>5hg[rP!]tbh8i_iqf!oN/@E'zz<*Z0QcSn3bO<X@wGr0Ucijv@[k?taaKVO+UuH4yfTD._*Pl[i'pRL>iih.32<D>=J4L'l!5Hi3`4jug>5K_7j^Zb!N>/8WU3Q(TgA=r8Ue+.<Q!$PmIa/_P2
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI4ZTkwZjM0ZWMxMjBhM2VkYzdjNjA5NmNjYjNjODBhOSIsImV4cGlyZXMiOiIyMDIzLTAzLTI1VDExOjA4OjMwWiJ9fSwiYmlydGhkYXkiOiIyMDIyLTEyLTI1VDExOjA4OjI2WiJ9
.casalemedia.com/ Name: CMTS
Value: 5150
.smilewanted.com/ Name: sw_user_params_infos
Value: rak2B1Igd2HbHKm%2FpL4r%2FWidP6eIXhGMbHCFGWFNZeK%2ByyN%2BpXCtAG%2Fo5CbEeSSuN2j%2FRoY7lkATkQ6U%2Btg%2Fc7mjXY18XSqqQyZD78fjEKoZ5e%2Fsm2xMe%2B%2FKcUCMeUk917gfqY%2FwR2imWN7fzVJ4AeTX9tIpQrm2TF2Us8Oq8pvgYe1VyxJfozjmn2ZAoOOMSzI34Wo30sJOX83iw4Zj0lv7Lj46oMX3VnytwdWu%2FcezwCkgSgoBBjYZ%2Bv9YP5fxD7Z9QvNwzhgm6dRqiPfM%2BQeT1OuMQBHP9e%2BelUWH3eUXMjbb%2BLnsCPHAbABPafU8iZIA4Me0mvqgZTMt2hgNfQNjlDCmR5Oj6WauG%2FP3wQ1sr9c3SRUtoPfacLoWSalpB9o1F7VQAeTshe2yuC5CKlu1JTXzKae5bQKmVKUxEIGjFH%2F5baSUU07007OVAVoLqVGd1T8sLat73R88MKARHuz35Y%2FHbn8%2BC3Iz9J%2B71OM7NG902RfTryqfhqfZebzFA9H7uasnCBjkXATFNByGGg%3D%3D
.criteo.com/ Name: uid
Value: b8416559-71f5-429e-9a09-21d24c72d629
.walla.co.il/ Name: cto_bundle
Value: ViOVtF9SJTJCeTI1M1VTMTN2dUY3RHFQZ2ElMkJ5NVhZTVhrJTJCJTJCUTlueEh2VUFsJTJGdGNHWG55Tjd4RTVTa0NMM0s0b25tVlhiQyUyRiUyRmJvSzRDZExaU01NVmRSJTJGS2RLRlM1elpra1NNTW9YWEhKZkRBZEdFTlB0eVRrYWdWMyUyQmgxM0RDQTE1ZE1LSXBVbkRFZlR6UzV5bjc4WUlrUzBZaUElM0QlM0Q
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~291n:18z8~291n"
.adfarm1.adition.com/ Name: UserID1
Value: 7181041484772997273
.bidswitch.net/ Name: tuuid
Value: 1c2f6a4a-9b74-4da7-91c6-9b848caa60f9
.bidswitch.net/ Name: c
Value: 1671966511
.bidswitch.net/ Name: tuuid_lu
Value: 1671966511
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7181041484772997273&KRTB&23278-7181041484772997273&KRTB&23369-7181041484772997273
.onaudience.com/ Name: cookie
Value: d8ae7f61e0e8dad8
.onaudience.com/ Name: done_redirects147
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 7cb052a1-714e-4a1a-9783-eb653e5c451d.441180511
.quantserve.com/ Name: d
Value: EJUBCwHyJ_ijAA
.quantserve.com/ Name: mc
Value: 63a82f2f-de077-6df6a-f854b
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-CnCRkQ4lws8RJ5WZC3Tdn1glxsgRJcicCCFQScFN&KRTB&19420-CnCRkQ4lws8RJ5WZC3Tdn1glxsgRJcicCCFQScFN&KRTB&22979-CnCRkQ4lws8RJ5WZC3Tdn1glxsgRJcicCCFQScFN&KRTB&23403-CnCRkQ4lws8RJ5WZC3Tdn1glxsgRJcicCCFQScFN
.fiftyt.com/ Name: fifid
Value: b577c481-0690-4db8-5814-e8fdb22ed6e9
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_d7a5745d-14cd-42a0-bd7d-eae09c8a3d5f
.semasio.net/ Name: SEUNCY
Value: DB54EEDBE662B7E3
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-1c2f6a4a-9b74-4da7-91c6-9b848caa60f9
.fiftyt.com/ Name: cs
Value: MTY3MTk2NjUxMnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fO6MAesRTGRNHFuCxWucp_xfHn78FoxnfHLQgzFrkO_e
.fiftyt.com/ Name: fppm
Value: 20221225110832
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 61277d579fcda398
.audrte.com/ Name: arcki2
Value: 920Kt1wfqAdQNaav8t6-cXn-g!20220908!1671966512214!ip#185.213.155.162
.audrte.com/ Name: arcki2_pubmatic
Value: 2546D8BD-510C-4044-B55E-2B921A9DF6DC!20220908!1671966512217
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-adbe8da8-ee76-43b9-4d70-36a0c6458bc6.kFYGan1iIMKAz8tqgyI8YY596eurhpkZGimuUYhscWA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Arb6NqO52Q7lNcDagxkWLxrnVm6I.O4p330QTUtz9vec3rqtTWn1CZC5NJ1LMBWVbrHLjTpA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-rb6NqO52Q7lNcDagxkWLxrnVm6I&KRTB&23334-rb6NqO52Q7lNcDagxkWLxrnVm6I&KRTB&23417-rb6NqO52Q7lNcDagxkWLxrnVm6I&KRTB&23426-rb6NqO52Q7lNcDagxkWLxrnVm6I
.smartadserver.com/ Name: pid
Value: 7941863614148787353
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAEkA07HUF4AACCOZ4vFlg
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEkA07HUF4AACCOZ4vFlg
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 158810:4
.pubmatic.com/ Name: DPSync3
Value: 1673136000%3A221_245_241_226_219_201_227_235_197%7C1672012800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1674518400%3A203%7C1673136000%3A238_166_13_71_22_234_99_243_8_251_176_54_55_220_21_204_161_3_81_233_56_165_88_7%7C1673222400%3A35%7C1672531200%3A15_2_223%7C1672790400%3A63
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c5616049-7aa9-4a42-a14c-724c419b99b0-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3506663725266119622&KRTB&23150-3506663725266119622
.pubmatic.com/ Name: PugT
Value: 1671966513
.csync.loopme.me/ Name: viewer_token
Value: 6cb8a8e6-957f-4180-85f7-6da51b50da9f
ads.playground.xyz/ Name: connect.sid
Value: s%3ATEjTbdtDbenxYILacajYUZn5KfrTi2aY.N2JFSyXOeKxfFfwnHdW%2F2aL3keheoSq7FMoAieW4Qes
.onaudience.com/ Name: done_redirects104
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6gvMQAAAM_45gAp
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y6gvMQAAAM_45gAp&KRTB&22978-Y6gvMQAAAM_45gAp&KRTB&23194-Y6gvMQAAAM_45gAp&KRTB&23209-Y6gvMQAAAM_45gAp
.tribalfusion.com/ Name: ANON_ID
Value: aknseFtlix88qyTAZbCqocuP1ZbLn7KigZbWgJHS1FHZd04PFLvrqcvrhS8DUZb8TGL90VbAJZbSMZbJ9Vwr7S8XjZbH
.pubmatic.com/ Name: SPugT
Value: 1671966514

8 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-12-25
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9863.SfUexd44wxwCjvdDqTZfHkATbQP4HVRfmkxVcWD3T0iWf5FUZoZsuvOUOX2c2_XzvR10olB4tB9P6Qm0Fl5KEAIiR-ssaxiAV5fULLy2pBE%2C.YhDrDtIOQSy4Wg6HlzR0fmvS75w%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://mc.yandex.co.il/sync_cookie_image_decide?token=9863.wt462tTLBZj9I7EfOP8G4RXsA-xipIOYEggSu0yejxeXm18onHGixHZ0oqw04d9aB7LB7Aea-QdPSG3yBtO4vdz2VGhVrr-E1Yx7PLtmbSY%2C.BLt5BuL5VS8huf_7va2y0HoequM%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2546D8BD-510C-4044-B55E-2B921A9DF6DC&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d8ae7f61e0e8dad8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QSgnTMUbnanSQgQS
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a6f397343b7a7fcfec17550b72370903.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ap.lijit.com
aud.pubmatic.com
b1h-euc1.zemanta.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.connectad.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.taboola.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cf.dxmcdn.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dal.walla.co.il
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
images.wcdn.co.il
imasdk.googleapis.com
js-sec.indexww.com
khn.crowdad.io
ledger.crowdad.io
live.wcdn.co.il
m.exactag.com
mab.chartbeat.com
mabping.chartbeat.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mc.yandex.co.il
mc.yandex.com
mc.yandex.ru
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
mv.outbrain.com
mwzeom.zeotap.com
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.smilewanted.com
prg.smartadserver.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r1---sn-5hneknee.gvt1.com
red.vtracy.de
redirector.gvt1.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.teads.tv
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
visitor.fiftyt.com
walla.co.il
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.walla.co.il
x.bidswitch.net
100.26.88.238
104.18.33.19
104.19.150.54
104.22.68.131
104.244.42.8
13.248.245.213
141.226.228.48
141.94.170.64
141.94.171.212
141.95.171.139
142.250.185.130
142.250.186.162
142.251.208.130
142.251.39.2
151.101.193.44
151.101.194.49
172.64.151.162
172.64.154.237
172.67.10.198
178.250.0.160
178.250.2.146
178.250.2.151
178.62.202.251
18.156.0.31
18.192.136.217
18.66.192.14
185.184.8.90
185.255.84.151
185.29.134.248
185.64.189.112
185.64.189.229
185.64.190.78
185.64.190.80
185.80.39.216
185.86.137.131
185.86.137.132
185.86.139.96
185.89.210.180
185.89.211.12
185.94.180.125
195.5.165.20
198.148.27.140
198.47.127.20
199.232.18.132
2.18.79.139
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
205.185.216.10
213.155.156.182
213.19.147.45
213.202.235.10
213.227.153.220
216.52.2.48
23.203.125.156
23.203.125.62
23.35.236.188
23.35.236.201
23.35.237.56
23.64.52.128
2600:1f18:1aca:4281:393f:1ce5:7a7b:3467
2600:9000:2057:2200:18:1fcd:351:7bc1
2600:9000:2057:2e00:4:1c73:c740:93a1
2600:9000:206f:800:11:da61:a100:93a1
2600:9000:214f:7200:8:48e:53c0:93a1
2602:803:c003:200::41
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:37ce
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:18ad
2606:4700::6812:372
2607:f8b0:400b:807::2003
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:800::2008
2a00:1450:4001:806::200e
2a00:1450:4001:808::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2014
2a00:1450:4001:82a::2001
2a00:1450:400c:c0b::9c
2a00:1450:400d:803::2002
2a00:1450:400d:803::2006
2a00:1450:400d:804::2003
2a00:1450:400d:805::200e
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:807::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2002
2a00:1450:400e:8::6
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::8
2a02:2638::1c
2a02:2638::2
2a02:2638::24
2a02:2638::b
2a02:6b8::1:119
2a02:fa8:8806:20::2040
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42::714
2a05:d018:d29:3605:e8cf:44d0:158e:aa91
3.126.34.117
3.76.159.59
34.102.253.54
34.111.129.221
34.111.131.239
34.252.9.72
35.158.11.170
35.174.222.86
35.201.96.126
35.204.74.118
35.214.223.115
35.244.159.8
35.71.131.137
37.157.6.233
5.161.47.120
51.89.9.251
52.16.92.165
52.212.89.6
52.29.215.64
52.46.151.131
52.51.214.106
52.58.104.191
54.154.216.185
54.230.130.109
54.239.168.26
54.239.168.90
54.239.33.159
54.81.22.167
54.84.251.28
54.93.177.113
64.95.96.108
65.9.86.35
69.173.144.139
70.42.32.159
77.243.60.138
8.2.110.114
85.114.159.118
98.98.134.243
99.86.4.91
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0023271b534ec2b51cfe7db4da8a121440ed62735da06af94bc275150df99925
00778b7246ce1ad6cbc6085624d78cdeb6c805c67c60113beab05259080b7a25
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a6b9a72430727bba744a0f46c69beb56ec0055e519636d48b08273eb7ce026
05bee3971ae2022eb6ead10ab837e39f076402b7c5fd5461bf0c19e30fb8d32c
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
06eb7c9cf2661fe4b8469b92be4a92fa31ae0c08c90256f6566182d620ff8f15
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
087c3619139052fdf6b632754ea281396db761a97c45c6bde98652aeeffd12d2
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09d3ddf519468c26889956c830c25e3a25c79a3a5e4b8e598927a28292412363
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10c007981a4a743e20370a98f01d87b29d17ca9267aff4494f455ca5d6e758a3
10fc98318d2b1839f0d1783b5dc616cc96954174df0fd185f49a5a51d6b5e361
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1305b2f052d8eaa0fa1e83f15dfbe15cb58cdff54c44a3a24daa273e2e523a75
13700217cde33c17e778e1905d2340655e93649b7949a5886f983410190ac1e8
138b890b79c58847ee5172c0f44fbf7f995e0e0ee34d66c65027b7f660be1a1d
13a90071ba0da543250344a8bba1ecb4b1c6597c17af39bc501186b4662b3126
146fd5371c16ec55c85e9053c6a0c38acc5effe5ee9cae931f12e256d9441cf8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1b44a17d4e96eb7536bd3293c4ca2865d994a3b6f173aa671bfbe9f8662ef078
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18
1d5549d8ab14b97ef868d3929ac04bccecbb023999002ccc8c73c5c3f5583f9a
1d81e152a4a3de5ae60a40182016085dcc80a47c159f88d964b560ef356fc6c5
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e0070fc411918cf0d31f55a58250abc08f2d745ed04191c0c237df3a5b3c746
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e36da77124c1e4d487d41ed4604cb51a1983e6444f3474ea022370aeabbe00e
1ed9687bbd4c0032c792b2edc2583868dc4b8af91e7adb1f6266c34cd59216b9
1f69cda4d346d1361e182ca51dfc0be0b484b548a8afd33fc4939dc63ff671f9
209ecb303748df30221579669f8deffdfe158e0e30eb70c769f952e3e6f56521
215b87b0d70a1da7c14b724129cfe52c887f672ae2e303fd4572572dcd93efec
23f84cc102c45c28c68a0cec609fab73f15b95f554b3e99efcf46d41450282af
2411113a71ec049b0133e163d82a3e69f55af1eae955e9aa44988149703a4d3e
26e7ec97b3a9cfe49e630a825ed644722eb1c76d5ad26789c7a077a996cca305
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
297f9ba17399952c1c714755f4e3a2b00b4ca7a911cf24533c26a3039b323700
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b
2af631673b5566da44672b219cc9a713a240f1f9b5d5531b9bf8328bbd249615
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2bca6ea3585ca623afd22764a22989ede09fbd4494fc36536d232a90733ae8e6
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d4b858c0e7906266e5342c077cb13a45cc546c1c678da9ca63a13a0940a7a7e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5947dae9c52affc607cbeb60710afa2d1601de4b9f2e7c1bf89a8817f00453
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d
311198d7679812261f6a89c06edf84e12b53e6430cf53741cd233976aee48b8e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b7fe34672f874c1bdbc1cbfd84735a07aff08c1b0df1df162a281dc22052f7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35c90fc54b1726fa1031bb08365af385cc1e3efca08f8f236e621ef0f119e144
35dc98d4d5d230542ea1fbbef4e1632155545e01ffbe261346e0254a8620100c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dfa844f58af2b8c6564ccb5a933edffd70ac5774082461c8167bc7b2f171b14
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42ef87c4ced078f8e09993b13826e459b53259070dd303bbc2bf8a910c47306e
43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e
44afc870d7276d6452cf6939d71bac20c61a1869aa28832bb555703187513bb6
45945e673e9facc8b3292790f069378dc73f3a7d2ee6729d773ae44ddde754ca
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bee2541e0f7fcce4eccfededbd3c50539a0cd7c804a4bde48ac5d2af16adf6f
4ca1b1c00c579b1e430a90337575300f7d2301d71998c99f300f496b5e0c5834
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4cb52ca9c447ce1666eaf80c4d9c3ae0424d87fcc8bccc4fce42da852d92c303
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f42f0de4a342fa5e348271d4972ccbb3d2905c5062d10b8ce774ac57f0599d5
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a
524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
52c6f029fe14eb4a0131517ddb73abbe6cc350e26848f6191569c9c3b1f4baf7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
561a01a2f3ceee457a50f08129d2d9427e843555ec8a4ad77bb614bdb2e1950b
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
57d72a447554a1e6d90171f0c80dbc94f19c4682384102bcbcc5a5cdb4ea4ebc
58c7c294273a121ef087b6da50f447f1de478a68a384803a0cb34c904b847712
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808
5b3d25736a9e22d91cae51e9a755fe36674bb65efae1fdac59c2ffb77cb700f3
5d4feea9ed002616d87e55cfc61a07f6873b4dea8c6a6f3ad68cfd691427f3f9
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5d71e8a076617b0ad9f9b40e0819dd3bd6ebc87ca622ed5faf59edf16a849512
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e35aa85514833036e24200de785c47bae867e2d1fc4a2998e876713a650a4a2
5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cdf97a31db183a3a1f1688398db5269b234fa608470ae36f6245f9d596ce71
64583de6c1973923e826f10067145e42149630a4a5784b6c7d30f0a03ce56d59
64b934c26f040486052e202be223cd7514f770a38a68edb67db123d997895cac
65c823fad87a2b57f9e3f6d2045aa3a863a01f9f3e94b7d9d239d6d8fa145341
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
696377de1577b91372ef55c127e09015fedd8285d281da110f450744f5e91a61
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d7c4b9967766d1d1da2d1f817646ac4da38bbff10062cba2148f0c94d9ff345
6dbe3a6bd4c21a6ae12fea9419f370d1a1b0f4145ba0b0075ca7129ab1beed12
6fef513232cf178b7f19845f47d3626af39a48e80fe9d815e2a12d31add396a8
70a48180657ae5025e790b8668d45fe0bba88f0108f15e2a8e023d7a8b40fa89
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
730fdb98fe4649573d4739c34bded6043257a3e9deb6741e7cc33433e2380fd2
738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339
73c6945bcd7e307b148549101508f19611eadca01d317a0b5e26274dc3d2121f
74c7fc8a91ccbd41a67db3d66c8b10c9fe8b533015febb0dd9431e4d547eedde
74d314d3e4913173908c63034b70ee28512d55817ba026860ef559c1dd9d5f1f
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
75df470c79c76d59f49e328b91b3f106d44d3ed314db8c86a15a0f7dfcd47043
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
7784f43246a346a13467b1d171ee62b960d6abe399894f4259e155ee0879c503
78738761a05024dac63f846374f6276e4998655016f495ae8c1f50993862d9c7
78dda9ce7ff230c0e921c8910537faf20cabd61ee5e7f549b525f55107922bd1
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c332b30f5b4cb8a341863a69f75ff479a3627288e464ce4484c3ce235fb1039
7fb40cd83a36a21cd5a458899304a641711da0cf9498fafd1f15b9823165e24b
81277ba123bd23d362a498a0ef8a241851ef813e0226bcc86483bc4833657e48
8238c71a4eaa478365b5ade43d40246b88634330b567e0cb1f6782fd101011de
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84da8714ed2dc7517b5f011504350ec999762f66d7a4bb7ea5f1a7aaa1226ccb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8612ae01cc6b3e8bbb4ba5dd350b1dc9905128810791ca37e5203d6d6f126e5a
863894ee6d0e5445fe71542a9edaaacb908bf1da6fa4b68e0081a8545610f26e
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f1d54a7edd9966ae55a1760bd19d472b318718070d2b61a060f2d6f598fd690
9494a2132fd677a63d339a7d69c91efed0d6a2f5e54c2f3297bc39c9fd5e708f
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9
955740c284880a7a4875ab89b8ec6445290a54665057008832e5f55c9fa5bcd6
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
9645de6c362ec855f81b3a93644c026ed2b5573f8ba05ba1c7606117fc676823
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
980122f9717dd855a2e3aff2f0351f0e9674b0c06de00f97a2d2e0f5e81a2c44
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9938ba4bb49c0e231ed1d0c838c8c8be4093310b7211bc1651a678ec57230a3a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b82e6d600ee0a50651c809a19ecfe680a8d5716eae446025d66dc9ed31c58f9
9cf0fe1ec23eb952b5852bfe1559a64b3c77f3966ddffa4045e4baa3bcdb33d5
9cf2b5f927acff163effd6ef1ee5bc782dd52d602bdf6b166e24be81069154a6
9d3b426eab31bb93387e03383277a793a0347d1ff89a3a558479f674dc811e24
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2fc86d55a194928bdc42584b7b317ba3f5b8e8b7f634d4c03c7013e0c8364a5
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
aa4075ac0bf01b9d1951136464d888cfa1c6f26ae888f9c948d15e49652d4844
ac5fa3e54bd386787b9cefa7e64c4511787aa0ddca8de9e014d66c33abc16769
ad6243a9e687a105ae6e5344bff45ec0d98a4495af4638a39093218629dba1ba
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae7d078e18a6ce17c1810177f9573f029353e5f7c19fcb0de5343a5229394358
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afbf40563c4eb6e060850ce5d51a61ee75d613ee5501ebf0ade0dc350d8af593
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b00feff24e52f629b0b791b10d75456f5bffaa22d8716fe45a984fe57d9d88a5
b03d38f615d199d1d4a7d887dbbce000111904f707de87ada964d5ce913d6c3e
b0632ac087f99222f515f300a79283837bf6ab3679bea139a2b3136e2da8fdef
b0fb8699c39fe9606920c79f29d2e612c35b9cd8c8f1bda2c1ce4317001bb641
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b191ac38b2566e66ed358a2bbf86cab02f95257571bf2ba354d5a777140232ee
b2adeac914dcbad5d7fda309bd9c78a827fe2ef393d1dc6658deb088b25eeafd
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b45d9958bc405ba9e80fe868a646ec8c42491b9d3c486848375f5ba4606c899b
b7631c96ff5faeae517b82fb121a9ba8158904ac5a4209fa8d037a2d6d2da1ee
b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
b8216bf05060b2b3dce018bdc5f889863980c1e1f972d86c25ecf465e0a3cd23
ba12e4451c4f081743550469041d8e90401fa12aae6f6032ce944f39a1fa744a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bca1f5f1e4bd09b0b47ad83142cbd83154ce3e56c578c1b513a484b244777029
be3f5035c6ea44640ca2f468d2de829b77c3d9dd500d525afc965d7ceafef06c
bfcfb8f7e492ecfc971cf8c903349eb9f5deaf66fe3ad2fabcb3fc95d38d32f4
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24bad101be9ecf42509350febb31dbe8667ba81748ca4bbe715eb14c62bceab
c310c209f5b5f37c2e2025dd681be2410552e7aa0aaf4a0558a3ffbb5aeffa6c
c3372bad905ea24cdcdb8c700a587c85d4d6662cb37ff9d4802a88226d0e6227
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c3e2c3a1252dbbb47647b91b7492bf3d6c3dc1d4a332ca14616bf8be075f0593
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c4fad01cb2158ad44b656710ad4fb40323f8f8f8ff67907e5332c3c3c4a9ad8c
c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c
c6f45cd4980401fdfe59cb07b2b7eb48d12f48cfc2e2b182789acbd55af59a32
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca1b594f35a3c3040480308575efda85b5734aaf01897ead3437e72ef1d420c1
caa1bfe16463f7b5d156c6c3117d6e78ed94b757b550bc13f985ce96f5fe9a54
cb19bae6e1e1ee4c65ebe7b77134662f6d39d53d8335225347049c7afda4b3b6
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
cfb83feea91c3fa522950a9ad4351cfc827453f8c0fe7775de68d8ef1020eb5e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d483d2ad6d3a77b03c5b38eb9153f51b4e8cd3fd3bfda4997e6ef661b6ec8a9c
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
da3691883cbe3cd8517487eebf2ae91e6d2be5478076486ff85bbc9a079f8102
da6193e2ac75f943e2a54cb33ff20c864c1e8e8add1f8b951360be6784f027c1
da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20
daa21d896f1bb4d044779b10b38fd7793654c8b214908be7ae812dbff9f083d0
dae24f1e957c8168b84dfb1c52ccc3558f79fdf62a79de2891a1c6d979448ca3
dc03335899ade7f7efe0b508cd892de15f460e53e0a6339fb23cde18be8bd9eb
dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee96485eabec82dbc9ac45d71af325e01eed508532ef7489a2d10dc171e7e4b
dfc2cb394c69b1f1688373a0013052d0831e5dcb360c2c0e37e38fa4ddb225b8
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e122c3ab4bf481fa8edcd41987d5f9b3607360745dff98e2a9388ff03383e7c7
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3845fac52a38850d1badeea495a16ea5afb2aae87b1025fe65891c82cbc2860
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e205b7513de3ee7d42518eb06d335e5b65f3ca304309ec450dc18d514c4456
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08
e738c53ef449838876fe4764541af72c41a7a77123674f2df73d11872b8e2c87
e74f53479657f749946bf744b4b707f3dbdc77a65f44865a0bca802c6e5b3e14
e832dff1b5cf72365eb7021c2213f93fc47a0ddca3bc5cd5ebeb0c1b6701c10f
e88d0252b17c67a7272d2ef1c8b13481cd964a903996d7100e019b7dcf2117c5
e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e979abecd1399db67fd82347fd7f876e3a6c4e08a64970ca3a272b92056546c4
e9b5e558a2e998e35bfa4da7278959dca0a98f78f9a4e603dc1c1b8e5e2eb227
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ed9a1c0a002eebd39ff310d9a7d166a21448676cc03b5546a5bebfbc762b1742
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
ee077bc2beaaf1687350fbd0f6233bd541cbc2618d7ae4da233c550569c67b30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef75a90242e932b208657ba3acac84886c2dafe538ffc16696204c111e97584f
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517
f28943825ea1d72934cb8d4352b65c85956dee7957436e05efb26e3525f31658
f3f597277534f079b4b0aa41c31d83d2e137eab8b481b2a5bbebbebf4cb6410b
f42ec27f2c6d85ac310093af2b83337569831c813eda706f8aa1f481ce5d0573
f48a26731c5bedb73f2c65bc3537c096ee30acd40dc1dbc52ab9dc0c7300c28f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741
f71e15ebacccee8679e15161ad92cb00bfb35e6deb02c8f77a08be952ab079a7
f7721237c91b6adf9644c4c1a3f6bea66a5dfa29853bc9831b138d4f9bfa6687
fa069b65a5576e64c37ea1efeceb760256bdf3078aa872d5aa2c0c26e1333554
fae267ec6eaf92344f51d5d5dd696ff4db220c92a666330996fe277cbb12ecea
fba73d15cca96429f4746a270426aeb33a66499f24dfd2ccdf2183c59ec81a8f
fbd18c89877a8f89947d61c57ad9b01be67251ea3d1b88e3f89edcafc963ea66
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fe0be6fbbce024eeee81ede02e4094213d7cc8655518f18d10f346289d1cca2e
ff38736fe443f41d4f42ee6db1ae8a6b596fe4003a31b0b6fd66e8222161f391