urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
18.66.171.125  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://walla.co.il/
Effective URL: https://www.walla.co.il/
Submission: On December 30 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 126 IPs in 14 countries across 109 domains to perform 577 HTTP transactions. The main IP is 18.66.171.125, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 85090.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.27.57 16509 (AMAZON-02)
1 1 13.32.27.118 16509 (AMAZON-02)
43 18.66.171.125 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
21 143.204.215.7 16509 (AMAZON-02)
4 18 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.42 20446 (STACKPATH...)
2 2606:2800:234... 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
2 2a02:6ea0:cb0... 60068 (CDN77 ^_^)
9 16 2a02:6b8::1:119 208722 (GLOBAL_DC)
8 23.203.125.62 16625 (AKAMAI-AS)
1 34.200.93.8 14618 (AMAZON-AES)
2 52.44.88.224 14618 (AMAZON-AES)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2600:9000:230... 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 151.101.193.44 54113 (FASTLY)
1 142.251.208.162 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
1 18.66.171.63 16509 (AMAZON-02)
1 9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 20 185.89.210.212 29990 (ASN-APPNEX)
1 54.194.227.63 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 52.16.92.165 16509 (AMAZON-02)
8 199.232.18.132 54113 (FASTLY)
1 104.244.42.200 13414 (TWITTER)
4 2a03:2880:f11... 32934 (FACEBOOK)
10 64.202.112.191 23352 (SERVERCEN...)
5 23.203.124.192 16625 (AKAMAI-AS)
3 31 172.67.10.198 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 34.196.115.255 14618 (AMAZON-AES)
3 213.227.153.221 60781 (LEASEWEB-...)
2 3.65.162.40 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 185.86.138.124 201081 (SMARTADSE...)
4 51.89.9.252 16276 (OVH)
5 2a02:2638::24 44788 (ASN-CRITE...)
4 11 172.64.154.237 13335 (CLOUDFLAR...)
6 2602:803:c004... 26667 (RUBICONPR...)
2 185.255.84.151 200271 (IGUANE-)
3 185.64.189.112 62713 (AS-PUBMATIC)
1 7 34.98.64.218 396982 (GOOGLE-CL...)
2 7 216.52.2.19 30282 (AS-INAPCD...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 23.203.125.156 16625 (AKAMAI-AS)
20 2a00:1450:400... 15169 (GOOGLE)
4 31 2a00:1450:400... 15169 (GOOGLE)
1 4 141.226.228.48 200478 (TABOOLA-AS)
1 1 2.18.79.136 20940 (AKAMAI-ASN1)
2 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
3 35.158.251.131 16509 (AMAZON-02)
3 8.2.108.194 46636 (NATCOWEB)
4 5 185.184.8.90 204995 (RTB-HOUSE...)
3 3 185.29.134.244 30419 (MEDIAMATH...)
12 27 142.250.201.194 15169 (GOOGLE)
1 2 35.186.193.173 15169 (GOOGLE)
4 4 85.114.159.93 24961 (MYLOC-AS ...)
1 1 35.190.0.66 15169 (GOOGLE)
2 4 76.223.111.18 16509 (AMAZON-02)
1 2 104.96.128.226 16625 (AKAMAI-AS)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
3 4 185.86.137.110 201081 (SMARTADSE...)
3 3 3.64.76.195 16509 (AMAZON-02)
1 6 69.173.144.165 26667 (RUBICONPR...)
20 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
2 85.14.248.71 24961 (MYLOC-AS ...)
22 2a02:2638::c 44788 (ASN-CRITE...)
4 2a02:2638:1::17 44788 (ASN-CRITE...)
1 4 185.64.189.115 62713 (AS-PUBMATIC)
8 18.66.112.124 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 11 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.167 1299 (TWELVE99 ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
2 4 52.95.126.138 16509 (AMAZON-02)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 34.252.235.208 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 35.204.158.49 396982 (GOOGLE-CL...)
4 3.33.220.150 16509 (AMAZON-02)
3 4 37.157.6.254 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 213.19.147.45 3356 (LEVEL3)
1 185.86.139.104 201081 (SMARTADSE...)
2 2a04:4e42::485 54113 (FASTLY)
1 2a06:98c1:3122:: 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.118 16276 (OVH)
2 37.157.4.29 198622 (ADFORM)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
5 185.64.190.81 62713 (AS-PUBMATIC)
3 2a02:2638:1::2d 44788 (ASN-CRITE...)
5 7 52.30.188.40 16509 (AMAZON-02)
5 5 3.122.66.11 16509 (AMAZON-02)
2 2 18.195.219.151 16509 (AMAZON-02)
4 23.203.124.180 16625 (AKAMAI-AS)
2 104.96.145.246 16625 (AKAMAI-AS)
4 172.64.151.162 13335 (CLOUDFLAR...)
4 4 69.173.144.138 26667 (RUBICONPR...)
2 209.54.182.161 16509 (AMAZON-02)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 10 185.80.39.216 27381 (CASALE-MEDIA)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.89.211.12 29990 (ASN-APPNEX)
4 4 3.126.56.137 16509 (AMAZON-02)
3 3 151.101.130.49 54113 (FASTLY)
1 104.18.33.19 13335 (CLOUDFLAR...)
2 2 2620:116:800d... 16509 (AMAZON-02)
4 4 185.94.180.125 35220 (SPOTX-AMS)
1 1 35.174.181.179 14618 (AMAZON-AES)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 4 185.86.139.113 201081 (SMARTADSE...)
1 2 52.0.191.77 14618 (AMAZON-AES)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.87 62713 (AS-PUBMATIC)
2 2 141.94.171.213 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
2 2 52.30.109.223 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.241 21859 (ZEN-ECN)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 3 64.202.112.95 22075 (AS-OUTBRAIN)
1 2600:9000:205... 16509 (AMAZON-02)
2 3 198.47.127.18 3257 (GTT-BACKB...)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
2 2 35.214.223.115 15169 (GOOGLE)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.54.172 213230 (HETZNER-C...)
1 64.95.96.108 32475 (SINGLEHOP...)
1 1 141.95.171.140 16276 (OVH)
1 1 146.59.148.16 16276 (OVH)
577 126
1    13.32.27.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-57.fra56.r.cloudfront.net
walla.co.il
1    13.32.27.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-118.fra56.r.cloudfront.net
walla.co.il
43    18.66.171.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-171-125.dub56.r.cloudfront.net
www.walla.co.il
12    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
2    2600:9000:223c:5600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
21    143.204.215.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-7.fra53.r.cloudfront.net
images.wcdn.co.il
18    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:206e:7a00:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
2    2a02:6ea0:cb00::2 (London, United Kingdom)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
16    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
mc.yandex.co.il
8    23.203.125.62 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-62.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    34.200.93.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-93-8.compute-1.amazonaws.com
ping.chartbeat.net
2    52.44.88.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-88-224.compute-1.amazonaws.com
mabping.chartbeat.net
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:2304:da00:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
3    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net
www.googleadservices.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.66.171.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-171-63.dub56.r.cloudfront.net
dal.walla.co.il
9    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
20    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    54.194.227.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-227-63.eu-west-1.compute.amazonaws.com
ledger.crowdad.io
6    2a00:1450:400d:804::2014 (Ireland)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    52.16.92.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
khn.crowdad.io
8    199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
10    64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
5    23.203.124.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
31    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
prebid.smilewanted.com
static.smilewanted.com
4    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    34.196.115.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-115-255.compute-1.amazonaws.com
hb.minutemedia-prebid.com
3    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
2    3.65.162.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-162-40.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
6    185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
4    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
5    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
11    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
6    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
waytogrow-d.openx.net
eu-u.openx.net
us-u.openx.net
7    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
2    23.203.125.156 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-156.deploy.static.akamaitechnologies.com
images.outbrainimg.com
20    2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
31    2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync.taboola.com
1    2.18.79.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    35.158.251.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-251-131.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
prebid-eu.creativecdn.com
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
27    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
cm.g.doubleclick.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
ipac.ctnsnet.com
4    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com
sync.teads.tv
5    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
4    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
3    3.64.76.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-76-195.eu-central-1.compute.amazonaws.com
ice.360yield.com
match.360yield.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
20    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
2    85.14.248.71 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
22    2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
4    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    18.66.112.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-124.fra56.r.cloudfront.net
amg01742-walla-wallanews-ono-2eohr.amagi.tv
1    2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    34.252.235.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
4    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
3    2606:4700:20::ac43:4673 (United States)

ASN13335 (CLOUDFLARENET, US)
lib.wtg-ads.com
4    2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a06:98c1:3122:: (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
3    2a02:2638:1::2d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
7    52.30.188.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
5    3.122.66.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-66-11.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.195.219.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-219-151.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
4    23.203.124.180 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2a05:d018:d29:3601:4379:fd12:b154:f230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
10    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
2    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    35.174.181.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-181-179.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    52.0.191.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-191-77.compute-1.amazonaws.com
a.audrte.com
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    52.30.109.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-109-223.eu-west-1.compute.amazonaws.com
r.scoota.co
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    2600:9000:2057:1000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    2a05:d018:24:b002:3b6:bc72:6632:d6e8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.95.171.140 (France)

ASN16276 (OVH, FR)
PTR: bixel-6.cloudy.ovh
green.erne.co
1    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
Apex Domain
Subdomains		 Transfer
49 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
pubads.g.doubleclick.net — Cisco Umbrella Rank: 376
231 KB
46 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
pix.eu.criteo.net — Cisco Umbrella Rank: 5392
csm.eu.criteo.net — Cisco Umbrella Rank: 5670
274 KB
46 googlesyndication.com
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
229 KB
46 walla.co.il
walla.co.il — Cisco Umbrella Rank: 32568
www.walla.co.il — Cisco Umbrella Rank: 85090
dal.walla.co.il — Cisco Umbrella Rank: 73935
1 MB
37 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 741
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 739
image6.pubmatic.com — Cisco Umbrella Rank: 996
simage2.pubmatic.com — Cisco Umbrella Rank: 882
image2.pubmatic.com — Cisco Umbrella Rank: 1316
simage4.pubmatic.com — Cisco Umbrella Rank: 1564
aud.pubmatic.com — Cisco Umbrella Rank: 8381
image4.pubmatic.com — Cisco Umbrella Rank: 1480
image8.pubmatic.com — Cisco Umbrella Rank: 933
129 KB
31 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 5283
prebid.smilewanted.com — Cisco Umbrella Rank: 5844
static.smilewanted.com — Cisco Umbrella Rank: 12297
49 KB
26 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
acdn.adnxs.com — Cisco Umbrella Rank: 872
secure.adnxs.com — Cisco Umbrella Rank: 670
99 KB
26 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1645
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3882
odb.outbrain.com — Cisco Umbrella Rank: 1801
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6712
mv.outbrain.com — Cisco Umbrella Rank: 3085
220 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 760
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843
dsum.casalemedia.com — Cisco Umbrella Rank: 2369
18 KB
22 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 11057
ads.eu.criteo.com — Cisco Umbrella Rank: 5530
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7363
dis.criteo.com — Cisco Umbrella Rank: 903
gum.criteo.com — Cisco Umbrella Rank: 446
mug.criteo.com — Cisco Umbrella Rank: 1856
ssp-sync.criteo.com — Cisco Umbrella Rank: 1491
121 KB
21 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 63521
889 KB
20 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 330
433 KB
18 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 716
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
eus.rubiconproject.com — Cisco Umbrella Rank: 832
token.rubiconproject.com — Cisco Umbrella Rank: 858
17 KB
15 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1916
sync.smartadserver.com — Cisco Umbrella Rank: 2229
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 721
7 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 142
2 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
region1.google-analytics.com — Cisco Umbrella Rank: 2124
21 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
3 KB
8 amagi.tv
amg01742-walla-wallanews-ono-2eohr.amagi.tv
3 MB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 814
3 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 866
16 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 983
waytogrow-d.openx.net — Cisco Umbrella Rank: 28441
eu-u.openx.net — Cisco Umbrella Rank: 2786
us-u.openx.net — Cisco Umbrella Rank: 698
1 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7498
3 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
280 KB
7 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 477
fonts.googleapis.com — Cisco Umbrella Rank: 127
474 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 871
adx.adform.net — Cisco Umbrella Rank: 3427
3 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 977
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
5 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 817
eb2.3lift.com — Cisco Umbrella Rank: 497
2 KB
6 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 17861
b1sync.zemanta.com — Cisco Umbrella Rank: 775
1 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2763
mp.4dex.io — Cisco Umbrella Rank: 3019
50 KB
6 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 48195
157 B
6 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1016
trc.taboola.com — Cisco Umbrella Rank: 842
trc-events.taboola.com — Cisco Umbrella Rank: 1350
sync.taboola.com — Cisco Umbrella Rank: 1388
21 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
2 KB
5 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 6152
sync-eu.connectad.io — Cisco Umbrella Rank: 5613
2 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 658
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5452
1 KB
5 crowdad.io
ledger.crowdad.io — Cisco Umbrella Rank: 63863
khn.crowdad.io — Cisco Umbrella Rank: 54362
247 B
5 google.de
www.google.de — Cisco Umbrella Rank: 3658
adservice.google.de — Cisco Umbrella Rank: 5450
2 KB
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 1851
73 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
350 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 815
3 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 980
cdn.indexww.com — Cisco Umbrella Rank: 2921
3 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
1 KB
4 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1903
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
725 B
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
233 B
4 yandex.co.il
mc.yandex.co.il — Cisco Umbrella Rank: 219782
782 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
167 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 4199
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12486
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 918
828 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 791
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
2 KB
3 wtg-ads.com
lib.wtg-ads.com — Cisco Umbrella Rank: 25284
142 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20128
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30309
740 B
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3376
spl.zeotap.com — Cisco Umbrella Rank: 4007
1 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2233
match.360yield.com — Cisco Umbrella Rank: 3351
952 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 679
2 KB
3 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 5926
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 717
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
196 KB
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1476
mabping.chartbeat.net — Cisco Umbrella Rank: 11326
602 B
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1084
syndication.twitter.com — Cisco Umbrella Rank: 1366
133 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2100
mab.chartbeat.com — Cisco Umbrella Rank: 3178
26 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2171
818 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1202
560 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 32320
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 41763
2 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 7169
623 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1792
1 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2932
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1004
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 6134
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1114
530 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6509
560 B
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 10876
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1585
457 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 35086
ipac.ctnsnet.com — Cisco Umbrella Rank: 5807
919 B
2 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2554
42 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4327
1 KB
2 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 4980
811 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488 Failed
3 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 31712
17 KB
1 erne.co
green.erne.co — Cisco Umbrella Rank: 14488
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1952
283 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8778
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6635
277 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4735
462 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3231
645 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 914
239 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 963
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4330
104 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 821
511 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1014
621 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1248
759 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 35735
268 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3635
419 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
706 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
624 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356
5 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675
574 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1282
612 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
17 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11371
552 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 846
616 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 175
17 KB
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
7 KB
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3278
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 55067
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 70543
246 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
577 109
Domain Requested by
43 www.walla.co.il www.walla.co.il
31 tpc.googlesyndication.com 4 redirects www.walla.co.il
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
27 cm.g.doubleclick.net 12 redirects c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
23 csync.smilewanted.com 3 redirects cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
22 pix.eu.criteo.net ads.eu.criteo.com
21 images.wcdn.co.il www.walla.co.il
20 static.criteo.net ads.eu.criteo.com
static.criteo.net
cdn.valuad.cloud
20 cdn.ampproject.org securepubads.g.doubleclick.net
20 ib.adnxs.com 4 redirects cdn.valuad.cloud
csync.smilewanted.com
lib.wtg-ads.com
acdn.adnxs.com
18 securepubads.g.doubleclick.net 4 redirects www.googletagservices.com
www.walla.co.il
securepubads.g.doubleclick.net
11 simage2.pubmatic.com 2 redirects ads.pubmatic.com
10 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
10 mcdp-nydc1.outbrain.com widgets.outbrain.com
9 www.google.com 1 redirects www.walla.co.il
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
8 amg01742-walla-wallanews-ono-2eohr.amagi.tv www.walla.co.il
8 pagead2.googlesyndication.com c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 match.prod.bidr.io 5 redirects ssum-sec.casalemedia.com
7 c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 ap.lijit.com 2 redirects cdn.valuad.cloud
lib.wtg-ads.com
7 mc.yandex.com 3 redirects www.walla.co.il
7 widgets.outbrain.com www.walla.co.il
widgets.outbrain.com
6 fonts.gstatic.com fonts.googleapis.com
6 pixel.rubiconproject.com 1 redirects csync.smilewanted.com
6 fastlane.rubiconproject.com cdn.valuad.cloud
lib.wtg-ads.com
6 prg.smartadserver.com cdn.valuad.cloud
lib.wtg-ads.com
6 hb-dot-valuad.appspot.com cdn.valuad.cloud
5 x.bidswitch.net 5 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 prebid.smilewanted.com cdn.valuad.cloud
5 bidder.criteo.com cdn.valuad.cloud
lib.wtg-ads.com
static.criteo.net
5 ads.pubmatic.com cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
5 odb.outbrain.com widgets.outbrain.com
5 mc.yandex.ru 4 redirects www.walla.co.il
5 www.google-analytics.com www.walla.co.il
www.google-analytics.com
5 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
4 rtb-csync.smartadserver.com 1 redirects
4 sync.search.spotxchange.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 acdn.adnxs.com cdn.valuad.cloud
4 gum.criteo.com 2 redirects static.criteo.net
4 fonts.googleapis.com securepubads.g.doubleclick.net
cdnjs.cloudflare.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 match.adsrvr.org ads.pubmatic.com
ssum-sec.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 csm.eu.criteo.net ads.eu.criteo.com
4 sync.smartadserver.com 3 redirects csync.smilewanted.com
4 eb2.3lift.com 2 redirects cdn.valuad.cloud
4 dsp.adfarm1.adition.com 4 redirects
4 creativecdn.com 4 redirects
4 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
4 u.openx.net cdn.valuad.cloud
4 onetag-sys.com cdn.valuad.cloud
4 script.4dex.io cdn.valuad.cloud
script.4dex.io
lib.wtg-ads.com
4 www.facebook.com www.walla.co.il
4 khn.crowdad.io d2r08ja41ypc0t.cloudfront.net
4 mc.yandex.co.il 2 redirects www.walla.co.il
4 region1.google-analytics.com www.googletagmanager.com
4 www.googletagservices.com www.walla.co.il
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
3 image8.pubmatic.com 2 redirects
3 b1sync.zemanta.com 2 redirects
3 sync-tm.everesttech.net 3 redirects
3 ssp-sync.criteo.com static.criteo.net
3 simage4.pubmatic.com ads.pubmatic.com
3 mug.criteo.com
3 sync.1rx.io 3 redirects
3 lib.wtg-ads.com www.walla.co.il
lib.wtg-ads.com
3 cdn.connectad.io csync.smilewanted.com
3 sync.mathtag.com 3 redirects
3 us.ck-ie.com csync.smilewanted.com
3 match.sharethrough.com csync.smilewanted.com
3 trc-events.taboola.com cdn.taboola.com
3 static.smilewanted.com csync.smilewanted.com
3 adservice.google.de securepubads.g.doubleclick.net
3 hbopenbid.pubmatic.com cdn.valuad.cloud
lib.wtg-ads.com
3 htlb.casalemedia.com cdn.valuad.cloud
lib.wtg-ads.com
3 b1h-euc1.zemanta.com cdn.valuad.cloud
3 mv.outbrain.com widgets.outbrain.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
3 imasdk.googleapis.com www.walla.co.il
imasdk.googleapis.com
2 sync.tidaltv.com 2 redirects
2 csync.loopme.me 2 redirects
2 r.scoota.co 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 a.audrte.com 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 secure.adnxs.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 s.amazon-adsystem.com ssum-sec.casalemedia.com
2 js-sec.indexww.com cdn.valuad.cloud
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 ads.creative-serving.com 2 redirects
2 adx.adform.net lib.wtg-ads.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 sync-eu.connectad.io cdn.connectad.io
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 m.exactag.com ads.eu.criteo.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 ice.360yield.com 2 redirects
2 sync.teads.tv 1 redirects c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
2 ads.eu.criteo.com c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
2 rtb.fr.eu.criteo.com www.walla.co.il
2 images.outbrainimg.com www.walla.co.il
2 hb-api.omnitagjs.com cdn.valuad.cloud
2 mp.4dex.io cdn.valuad.cloud
2 tlx.3lift.com cdn.valuad.cloud
2 hb.minutemedia-prebid.com cdn.valuad.cloud
2 cdn.jsdelivr.net cdn.valuad.cloud
lib.wtg-ads.com
2 googleads.g.doubleclick.net www.googleadservices.com
www.walla.co.il
2 www.google.de www.walla.co.il
2 mabping.chartbeat.net www.walla.co.il
2 web-sdk.smartlook.com www.walla.co.il
web-sdk.smartlook.com
2 platform.twitter.com www.walla.co.il
platform.twitter.com
2 static.chartbeat.com www.walla.co.il
2 walla.co.il 2 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 us-u.openx.net
1 eu-u.openx.net 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 s.ad.smaato.net
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 s.company-target.com 1 redirects
1 px.ads.linkedin.com
1 sync.taboola.com 1 redirects
1 prebid-eu.creativecdn.com lib.wtg-ads.com
1 waytogrow-d.openx.net lib.wtg-ads.com
1 id5-sync.com lib.wtg-ads.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 ssbsync.smartadserver.com c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 match.360yield.com 1 redirects
1 s.tribalfusion.com c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 um.simpli.fi ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 s0.2mdn.net imasdk.googleapis.com
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 syndication.twitter.com platform.twitter.com
1 trc.taboola.com cdn.taboola.com
1 ledger.crowdad.io www.walla.co.il
1 widget-pixels.outbrain.com www.walla.co.il
1 dal.walla.co.il www.walla.co.il
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.taboola.com www.walla.co.il
1 d2r08ja41ypc0t.cloudfront.net cf.dxmcdn.com
1 cdn.permutive.com cf.dxmcdn.com
1 ping.chartbeat.net www.walla.co.il
1 mab.chartbeat.com static.chartbeat.com
1 cf.dxmcdn.com www.walla.co.il
1 www.gstatic.com www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
577 181
Subject Issuer Validity Valid
*.walla.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.wcdn.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
valuad.cloud
E1		 2022-12-29 -
2023-03-29		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
1688964705.rsc.cdn77.org
R3		 2022-12-29 -
2023-03-29		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-09 -
2023-01-07		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
crowdad.io
Amazon		 2022-09-28 -
2023-10-27		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-19 -
2023-09-15		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.amagi.tv
Amazon		 2022-12-15 -
2024-01-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-12-28 -
2024-01-26		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
s.ad.smaato.net
Amazon		 2022-08-22 -
2023-09-20		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh

This page contains 102 frames:

Primary Page: https://www.walla.co.il/
Frame ID: 5A86FD4CBB40888A0D637EDD0F76FCAB
Requests: 245 HTTP requests in this frame

Frame: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Frame ID: 8E022AF413AE84575AA775C1822997E3
Requests: 21 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: 1594EE325E0C74925E963B1B0F5CD3A9
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 94AABE246FD95D48C33E53238AB32957
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5DD021B4B25B3B352872EDDBF582F1E8
Requests: 1 HTTP requests in this frame

Frame: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73DCE01F1FC525E76512D618D6342A63
Requests: 1 HTTP requests in this frame

Frame: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4BBD21CEFE7CDA94B5B0CEDCEB96C302
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 23A2A4D7CDD7A647EF80460ACD3AA873
Requests: 12 HTTP requests in this frame

Frame: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 127CF1E0B7CCEEE69927B9C7479A7C9C
Requests: 4 HTTP requests in this frame

Frame: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 37BD42534381DBC5C947531623564457
Requests: 4 HTTP requests in this frame

Frame: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2E95E04840468E7F92F88023526F332C
Requests: 4 HTTP requests in this frame

Frame: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE5F8F05EFA290C2A178F07F922BCF4D
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 6A22DA047E0BC80F992EA572F4EDC6C8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/bb9fb5a7573c62c95bbe69fa91fcf756?gdpr_consent=&gdpr=0
Frame ID: 1DFDB3260D58A72E0149BB6407FD4719
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 500C52D3FDB82B8AFEF052A2B9B0DA4D
Requests: 35 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BEDBD716D977BE3AE41EF94E7818A6EE
Requests: 9 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 47C27D01EAF0702F1D7DE49CB757B338
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: A8641BE208BD39B8233AE412FAE45181
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted&tc=1
Frame ID: D825F6CBE388457EAC6F83875A2664DE
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
Frame ID: 6FF25DD9CF067D1A33F07BC2CB6D24AF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 3D39141BCDBABE00F874B0D901B7BFC2
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: C155C0727C4E4C77F1DEC29C8070E063
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/8ec0f249-cb91-4db9-91e2-a12f62f45b16&partner_id=1010
Frame ID: 937505444D29BCB94F483472C326DAD1
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: FCB48009D14DF63BAF24CC8566F26CC0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 88809F219649662807987CF730930FFA
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: E76FBEAE858D520FBA4F07E65E4AC1C2
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8e4663af-5a40-4400-a6b6-b7352681f2cc&gdpr=0&gdpr_consent=
Frame ID: 9E601485415CDA4FE68E3643BA4C5CE9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629282677052548305
Frame ID: 59F21EA89D181B2AC79F755D0996481C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7EBE01D6DA4110B1C0CE72199CEF06A2
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 9210668DF05082B9F7DD85120B381C9D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3200286950011710416&gdpr=0&gdpr_consent=
Frame ID: A59C873241B4CA5223D4058ABA371A7A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/49D7B69C-5C27-4145-96D0-8B5DD56732B7
Frame ID: 9D023230B4D31905A4DC5DC610A8F05F
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: D6A0540A0CA6D3D958EC1C7DCBBEE990
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUullQ9SqTXef03ykeDTkUSuPOAek-g98umq_bDjRPxiEzsFob945J6ZppARt2mHgmmCiFOwXlyhMg0eO2FtrtXSfcn4upIS2o4yC8Sw00EAL_IujifxW8YvEK3CzJwM1cjd9dqwEiMmdimTHkJKYkqGS3C2OuGyeCudI_oJyYNZjGN_ToMeL-r4pQlnafCo1bb1r7hjqG5VNWTV_2nde4NzrnNaqs8pBe59mipe8jdcaesTCtczNjdKL26QG2cwbV5VzOhn-EkWxe9hBWKHIZe1QjojGZsI_sYf874l6fHYJJ5wgQU3aEgDz-ATLJaROXIsVANjFQ9giuXB1sohOq4guMYibcWg&sai=AMfl-YQmNV8rHvsWXaxrsK3s6irr8ldmpajst1yItf18vC4UgCZwkKyjDjyJICnUl4-I74MjGXd1b88PsUQt6ZlNmtlTdRQYsSqPSZXbCE3KH3vqjPfXPlJrSgH7VWfB3h8o&sig=Cg0ArKJSzDaXNKmdYBJ-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 732A552D0A16992C9BA3992192C8F2EF
Requests: 3 HTTP requests in this frame

Frame: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0A4B1A0B23F8CFDF2E7D803A018ADDF3
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: A26F83BC9A6F764CC99FF7D4DA892BB6
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 168B8E2815E6F7A7530A597DFEC080F9
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 33D9098367CEC01958181584361A0AA7
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6114723EBCDCDCD03DA247889120B055
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: 8B47CCF5B2C358D3204B0F54920DB4B6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60FB92AF26CC3F9F2FE5513D36687CA0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9753947DFED9D231BC6F0EAEEA6F4C2A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 88C6A4629C97372B1E8A848A338E06E9
Requests: 16 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9A04AB865BECA0CA3927231278279C20
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 061571AE5B731ED92F0B6C46D5D9B798
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8ACFCDCFB6F9EFD1A848269F1E3E045C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BACEC36ADC5426917495240975748450
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 19AAF48B2013BB437E9FC162A2151217
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 9EA9EECBCE48F27DCB567A0A1A6481FC
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 221BF0327EFAE9F5E39F1469AA313259
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F78430112D84DFF575436E125A33A0D6
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2800F6D39B7C1E765B996032285797AB
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AABD80C41581BF6730DDAFC104B171BB
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: CA40DF37E0DF2099D306BE048C9A1C2B
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13421168
Frame ID: 6B14B6EA55A15B7E3E56B76CBC16DF1B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1672436291093
Frame ID: 32AB843164BEDEDE89CD788EA1C0E3D0
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D69C402889B484D36EA702BA4A23670B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FFE4C0EE952E7B0668F6E642B6D58B0B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: FA25AFF57E08B3E209020E201924F18D
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0239954AB5CCF7DF3DB04BF9A47CEEE7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1672436287773
Frame ID: F873BEED5DA3566A8F68E01FCD79D80C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13421168
Frame ID: F9A049EF9F139ECBDF11F7C0B988EB26
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 08DF0961D7EE7F8E811CA795F9E8DFB6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 8BDD40E5143943CBC183F1FA5AB87FF4
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 019E1A68374063FFB4E8C463B58F1FC1
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 7D15C88BFDBD76A061F70D882ED60D57
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 3507CF0EC3877F969BBD79C36E5356C2
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 7240D511177D82251230FC938CC7C49B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
Frame ID: 826C1CE3064627A771837E14153C3DC6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3EF55B1C33BB72DAA5522D49EC3818C0
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
Frame ID: 23A8619D2B4CCD03325FB358C2AA3365
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
Frame ID: 1726C5BE2D19436B07DC9583EED94C6F
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
Frame ID: 512C5197CCEF691F719FF6D7CBA21727
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 8BE0C7BC97A95F858B3CA87A9B48F33D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 6CF02193DDBBADA66CBD6A39EE18022B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/
Frame ID: C349E5522036C0C627B985CDC284A42E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/
Frame ID: 2436FA1275B5FC25A6AFA3C64C915275
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 6D3C423AB5FE1B2EC80B92273EDFDD1A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: B6A7BF975B808680A348FAA189D295B7
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: C3BB079C4F6144BF222299D4E731DD89
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AC5F9E5714848AB9A6F547A57108019E
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
Frame ID: ABFA30BBA718FA331D232B2A40FCCB93
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
Frame ID: F961CA5647248B668C36B4ADD2778611
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/42f38542-888a-11ed-9de6-1fe3cd8f0306
Frame ID: EE10B10A78213FE74A172FF88F6A21AE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/42f66c10-888a-11ed-821d-10a0cca80206
Frame ID: 48D299C2D55A38E147505A805FF6E363
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LFP87S8Bqb83VaroL1CwuCsEpO43Vv--Igbtpp3Q
Frame ID: 9CFF7267C684CAE59A0906751C42DB5A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7183059161613924504&gdpr=0&gdpr_consent=
Frame ID: 171BD230DF93BADCD4778E9B2C1344B7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YdMcV8tfQXFPMBgK8vtrKVFfBSk
Frame ID: 7960E09EC236B35717F4319CF3B17D91
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAMzDU7HXrUAAB7WZSQZUQ&gdpr=0&gdpr_consent=
Frame ID: 2AD4B4F02DE7A661756117E2A97453AE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 42C9B7D3F8D6488017325AB79B0837A8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: DDB2F7F928810957050F39A2A4C9AE59
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=0&gdpr_consent=
Frame ID: 64E152A3D05E12C8D117DCEB86E22103
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y69aRAAIACecsAAF&gdpr=0&gdpr_consent=
Frame ID: 5CD444F097A27CE7022B9BC3EA807D05
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 13A0737C8A1F77C240A12A6081012AAC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: EDBAD3BB4612AADE8BB5123C7C327237
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4361023923
Frame ID: E457B6DF2479F0D577A58E35D5FA1B2F
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A8AC32B8C998A53EADB290590A688703
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 9CAEF137FDEE9C1E4D2B60E79210860C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F4D7BF60D25F159A3D828EE5982C1CA3
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f73fe5a2ee26a5fa/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7AicPGkHMTYMnVgXnnXUgVMg
Frame ID: D54F8BA26DD676BCDC88B5D654E8BDE6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 92A7E39D4AAFA82E4D3231EFE4C62250
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 807FA18709A7CBC466CC45A31A4E8CEC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! - האתר המוביל בישראל - עדכונים מסביב לשעון

Page URL History Show full URLs

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

577
Requests

88 %
HTTPS

34 %
IPv6

109
Domains

181
Subdomains

126
IPs

14
Countries

8991 kB
Transfer

19747 kB
Size

150
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=505568ba-3354-4ee7-91e8-799d16bae297&adnxsUserId=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D505568ba-3354-4ee7-91e8-799d16bae297%26adnxsUserId%3D%24UID HTTP 302
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=505568ba-3354-4ee7-91e8-799d16bae297&adnxsUserId=3200286950011710416
Request Chain 103
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9868.6-2ChxL3xuylkA2kBfUNNMf0_fCIA1wnyIh9w4-UgFYgWZzhsXk4eNDMixoumD_G.8s37WcPdH4xttk8RBXYs7jWwFpQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9868.MmlSTnim_xh9DcPE7v334E3AgSTNMWuWNO_xYZn8T6WIw3RkqHlxkPASEGCVNSuyBUNjVtgUro_Fegc3P3ZooIheOMdXyiJ0Wo8KOpYrpB8%2C.27Y1bXe0mcMAh4IV_Gt31lJ78X8%2C
Request Chain 104
  • https://mc.yandex.co.il/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.co.il&token=9868.ASlX_JJGWrPzeggM-34oO_5qrWYGqujZEuCRFcj98J6lRphimwT3rT4uoe3AxWEO.4Y_GGvFnIoO-76-gCeylS0grhSA%2C HTTP 302
  • https://mc.yandex.co.il/sync_cookie_image_decide?token=9868.Ush0BD8r6plaadzhXyq0Kn1eyZQcpJcUdPask7qttjn9OV3nJeWLNhnpjSk6EyQaCRnQGwHSwiFIM50lEZoaqO1zSjzANBrVH0X5pxHtdiM%2C.S4LXhzbGKSIAKukMuYVspkBefrw%2C
Request Chain 131
  • https://mc.yandex.com/watch/91804681?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A297597792411%3Ahid%3A285242402%3Az%3A0%3Ai%3A20221230213806%3Aet%3A1672436286%3Ac%3A1%3Arn%3A469631235%3Arqn%3A1%3Au%3A1672436286411206565%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C71%2C44%2C125%2C338%2C0%2C%2C707%2C0%2C%2C%2C%2C1304%3Aco%3A0%3Acpf%3A1%3Ans%3A1672436283826%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672436287%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A297597792411%3Ahid%3A285242402%3Az%3A0%3Ai%3A20221230213806%3Aet%3A1672436286%3Ac%3A1%3Arn%3A469631235%3Arqn%3A1%3Au%3A1672436286411206565%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C71%2C44%2C125%2C338%2C0%2C%2C707%2C0%2C%2C%2C%2C1304%3Aco%3A0%3Acpf%3A1%3Ans%3A1672436283826%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672436287%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94%21%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 168
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9868.H8GvNupvOFolJs38mvcmDCte1RO8oeo5OjbhX3iKaDhystEbTvjIjjlvj_rxua5h.70jbZOyHJ9Q8yudDhbmH1caFK6E%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9868.65RZYYlCWqIglrNc60tCYqrrdrMLv3nZP0jmjyJeJqjNIvSroJk4ZMt-tBGPb4KUJgnTkYEnVWnvINTzXYqS4RsVRi8gIcD6JC_TGJTPwcY%2C.D_-Pk7P7SxLepy8BPJ2BbFeqVzc%2C
Request Chain 169
  • https://mc.yandex.co.il/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.co.il&token=9868.bDINv97u4issZbC9baRjz25kRDNN8ZwxYFgIOzUKWXomQIKF1-Ogt6eKYGbkVNr3.zDMr5TynLv1pfwAxGnozM9UsgBs%2C HTTP 302
  • https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9868.aCPijmwA5aAQ5o9xHogtuwGj-o-ikDaC_N3-FNwJpqna9t3oiI8W9Tp2ASAccO6FVOs-NnJ2QSW4iXFYSVCrUyCaYKj6l2iXU0fzc3BOxIU%2C.uFzmZ-k34aluSPqhHzNRh_1nV4Y%2C
Request Chain 198
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/bb9fb5a7573c62c95bbe69fa91fcf756?gdpr_consent=&gdpr=0
Request Chain 200
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstjEXFWDG2IkRck8uM9hrh_FpR9gqnchTfsgi9DvUC3d6muhf3PpUzz2LEf_AdQyYSIjv1rHpgELxBBpQKqWV74I5E5-IYQJ28kXKzVGf2bbIO6LE9MLO5j2duTlpmf9XHqJ9AhYoGCihgUJ1ZCQSOvN5xd062a3h4wFegLKdn9nYhKKOfYbSOUg0m7Lv7_lk6ZcMZ2s7_-z4jjKE3nix9egbN1qw4YnMr_-Jl-xAhbuj3WYDxUJGQ3_TiiQiibzmVDknzCoAW5QTgaVh_5el5xcYg5kj5a2DKlB2Atw-WgwchMZYQuxPnAevgqXRROVccKpw4n-Rvkr1LtRj4%26sai%3DAMfl-YTmaayefcmOP2_bwvePU9dNZMSF2RTK8TCZSYabQB-ht-22XniQViP1w4bI6-k6EceJps0udkNqG6hO30JKoPC7zEtHPq_4jVut3WBUqDXVQ6MDgzMUZ4fjSiBQrhZl%26sig%3DCg0ArKJSzCD_p6D-X3DhEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 202
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssyYfCdfE3B-ugycNBcrVo0trmyKOYHFCj2kCVed2X15zXclL9PZq4If7fQoPH6wzA7ly4I43h17vVZpiVbYY0uzpBgXTzLJIdLHicnr-ZUSoTNnHGYu26zZiJPiL0F2mwqP8QwQ4RJuMKmxUUIj5GYyDfZsTNBP-UasdrXBQv0gfiwY8VpOXO9nREn-4Pz8tMfxp1BEKH--r6LXH2Nw5FHS_I3Qe-MEYZahyOgRO8xqI2TGwd59gAcwwsYq4AfAjZ4t91pdtDQUv-pESfmOcMtmd7S-hCltqPC0hGlqRm3j0r9HhJgSwtnFf-MAjMzulyHdjpezIc2zeKC4ZU%26sai%3DAMfl-YTtOc8TEovnKZnXA9kxPywLZcgLFmPaxYQC1S2PD6rxHmmlW7DUrnttZ0kB2b-oDOi_BoYm-xTrYkQOBu_keNXUOqt0stMIHCctTdylXgSylCE-fLKhtlD5_0-zUalw%26sig%3DCg0ArKJSzFIJyk2DJXXmEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 204
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstmm9am5cKD43iYodoTLjDx3HjuPZMVLeUPp_X--5AoUYqmRPUPTtMw4GiiN_5RMJrYcylFZflWkWdpm6oTpp5KLS_dtPrmEfuQ0AhtjxMs5Lw381FANIo7OhFiDwlop-ZrO2SSWPQDAvBMH8vw3BMjAftD6ohpPF1hcywpHhw25yDYjRcunMVQgXrg20ZmAbMvSLPaDzL9_tdNubE88qpwBWw_n2Q3JrfTCG3i0iv6vk3amr06YkRkfRo43lQ4pKl45LHwaQTPduaqaY7fYrdv2p4HBFe5iVlESiJdhSPJ2DPbM0Tt6pMWJu5kxXdZE8YCvxupD_I6jJwqmis%26sai%3DAMfl-YRUG2-OMzhLmEcMwDrl2EG-J2Kwg1AzLO-nprTc_zX9quxsbqVeZtQNWdBQZ-h7-nvXsvjwfUvZCM6otBu328W6ZXlpxZZARGqCO7jyFv2zz6aDk2OPLHl4BN4UzrAb%26sig%3DCg0ArKJSzDE9LD4NaXR1EAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 206
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstFHYXQtE-GLSICHU0jn119CxQcfaLb4gRHyJJsQ81dieFE4GFxPAChqqJ07mH33KPiVJFX9WFOc95GcEivMQDoCy8VbCnlE-QgrJyXTGJknRpkuZIEnUNUOR780bjuP4u2CgtaYru3IRKI4tEoE1WM0LjThCsXTdRDAcaQlREZHKq2naoXlNNWXmN5YNJmItIHC57Zv7p1iz4lw3vkwkgFZvIe8D5g9G4Xs11e6NhSFNEEtlQzaYbbzA41Afpb56PunX9LFfwCa4sT5Qhjqutt14wJBu14xp7TelXlf4HSxPuzcxPt23BPL50Aw-1ljK2rgYH-oC0ix6OXt-vj%26sai%3DAMfl-YRLf8U-n5nZ2fJOeVI-0On_nMW3B8aHHBdQYXZEdNqGTRck0rND8nHvrfJn6Yn-7FhnYufCo_VUmpDa8PgqbhWpvl42R2y981rA4RQpQMi01kz8AF1TI3YPbY10VmCq%26sig%3DCg0ArKJSzB6Cx43TBLQUEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 218
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 221
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted&tc=1
Request Chain 222
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKfFKCpc5FVRIPGP7C5hqwo&google_cver=1&google_push=AavPq0N8zA522HahhTnGMvCNgSki4KDz45agHEvMhRrTlGV7wUgah6G3U9uWBa5t5Taqlfjd5RRepjs_MratlqB2dmfdQYXDlMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N8zA522HahhTnGMvCNgSki4KDz45agHEvMhRrTlGV7wUgah6G3U9uWBa5t5Taqlfjd5RRepjs_MratlqB2dmfdQYXDlMw
Request Chain 223
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGYiVvkc-eyjjyJI37wXNjc&google_cver=1&google_push=AavPq0PAvNnfMoUG1HSmkiNhoBTHC-PF2M9CZHw3lI5P8qsXOiZOOQte9i-HUbwebrDj8_dF3X5I2ukbxlH7opqrhwgkC7tVXWpt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PAvNnfMoUG1HSmkiNhoBTHC-PF2M9CZHw3lI5P8qsXOiZOOQte9i-HUbwebrDj8_dF3X5I2ukbxlH7opqrhwgkC7tVXWpt&google_hm=fw6fG3lUSaSsPsettiscLCk
Request Chain 224
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN99smnlqI6dBaYzCARkzJM&google_cver=1&google_push=AavPq0OMDrnmXw4asvI4AswvZUFP79ASN6dgWgIp7oXKFqcCAokc04IdJ4JKtrl1yBXd8tNpz6slY8jTiAbEDburarCYO8QfCTH7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MzA1OTE2MTYxMzkyNDUwNA%3D%3D&google_push=AavPq0OMDrnmXw4asvI4AswvZUFP79ASN6dgWgIp7oXKFqcCAokc04IdJ4JKtrl1yBXd8tNpz6slY8jTiAbEDburarCYO8QfCTH7
Request Chain 225
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDq5Ml_OCEj9u9LzoFxeJPo&google_cver=1&google_push=AavPq0NrWPI7az4Dh_zPuN9u-JUxxl8wzTLfp6IeS-8_GDhs9SLG0CQv28QJrGIyKUiGtt7SH-pQoOeT13YLpun8qAi7lwkKYpB6 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZmpfA99UTgG89S7dVJDkog2&google_push=AavPq0NrWPI7az4Dh_zPuN9u-JUxxl8wzTLfp6IeS-8_GDhs9SLG0CQv28QJrGIyKUiGtt7SH-pQoOeT13YLpun8qAi7lwkKYpB6
Request Chain 226
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM2kwut4dEVLefYl-FuUWLY&google_cver=1&google_push=AavPq0Nn4g0hQfbkOfchB7kuUr0LYCrq38_E39UFiVXG2adi3lsOdrfblYtr-TbQ6DCEsS34iI5W44Z7GhVSF2xN0ndR98N22gA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM2kwut4dEVLefYl-FuUWLY&google_cver=1&google_push=AavPq0Nn4g0hQfbkOfchB7kuUr0LYCrq38_E39UFiVXG2adi3lsOdrfblYtr-TbQ6DCEsS34iI5W44Z7GhVSF2xN0ndR98N22gA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0Nn4g0hQfbkOfchB7kuUr0LYCrq38_E39UFiVXG2adi3lsOdrfblYtr-TbQ6DCEsS34iI5W44Z7GhVSF2xN0ndR98N22gA&google_hm=F55SsGZHXauzJYlqT82YvANk
Request Chain 227
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDKHsuJYdCWtbV_J0pF-s9s&google_cver=1&google_push=AavPq0PIa4CKoQfekCYgM1aXU5fzKlBOiTY6Db25SC7p3-Ae0jSpYBC_6FHHbYVtSRqctPnmmg3O-nYCce3wh8AKO7-B9GSfjf4 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PIa4CKoQfekCYgM1aXU5fzKlBOiTY6Db25SC7p3-Ae0jSpYBC_6FHHbYVtSRqctPnmmg3O-nYCce3wh8AKO7-B9GSfjf4&google_gid=CAESEDKHsuJYdCWtbV_J0pF-s9s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE3NDQyMDg3MzAzNDYwNjk0NDY2MQ%3D%3D&google_push=AavPq0PIa4CKoQfekCYgM1aXU5fzKlBOiTY6Db25SC7p3-Ae0jSpYBC_6FHHbYVtSRqctPnmmg3O-nYCce3wh8AKO7-B9GSfjf4
Request Chain 228
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFhI9bx3D2y3QAE3kL3hnwM&google_cver=1&google_push=AavPq0PboMQUhZ4_1Eeo94FqnUnXUp2uIdB03e83-2sxHdWhQ-Aa-5DCiZNauY8uLrgcGNm4eU9SJkvNU9sRPD8TJ0nohONbzF3ohw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PboMQUhZ4_1Eeo94FqnUnXUp2uIdB03e83-2sxHdWhQ-Aa-5DCiZNauY8uLrgcGNm4eU9SJkvNU9sRPD8TJ0nohONbzF3ohw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 233
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
Request Chain 238
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 239
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/8ec0f249-cb91-4db9-91e2-a12f62f45b16&partner_id=1010
Request Chain 284
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8e4663af-5a40-4400-a6b6-b7352681f2cc&gdpr=0&gdpr_consent=
Request Chain 285
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629282677052548305
Request Chain 287
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 288
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3200286950011710416&gdpr=0&gdpr_consent=
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sde2nFwnQUWW0Itd1Wcytw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 293
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1273600303 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=49D7B69C-5C27-4145-96D0-8B5DD56732B7
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDlEN0I2OUMtNUMyNy00MTQ1LTk2RDAtOEI1REQ1NjczMkI3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFPKh6mondeefGQ4U1Qpwk4&google_cver=1
Request Chain 298
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=202859567694457704
Request Chain 353
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAuDR7vymaobj4gGsgPqe8s&google_cver=1&google_push=AavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQh&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQh%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAuDR7vymaobj4gGsgPqe8s&google_cver=1&google_push=AavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQh&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQh%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 354
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN99smnlqI6dBaYzCARkzJM&google_cver=1&google_push=AavPq0NNuSCYTDnMiAOpTbx9596YPERjPE23ANsQA0rBY5Wc_eGpf3xmGXiAd6-McWEG75x1FT-_6O_pZZJ8AsxB-hQNB7N1lpXV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MzA1OTE2MTYxMzkyNDUwNA%3D%3D&google_push=AavPq0NNuSCYTDnMiAOpTbx9596YPERjPE23ANsQA0rBY5Wc_eGpf3xmGXiAd6-McWEG75x1FT-_6O_pZZJ8AsxB-hQNB7N1lpXV
Request Chain 355
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEQ8hAqzMhOf7p1B3LKhP1I&google_cver=1&google_push=AavPq0Pf_t0BfHPx4Qo_2ZW6KD32Rjn7OBJfKDAmWoTYVk28-H1cm_cGc-xN9cCmlCTcX_PqAHIzeJnJYDt3y1K60FLOMmXiERh0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAyODU5NTY3Njk0NDU3NzA0&google_push=AavPq0Pf_t0BfHPx4Qo_2ZW6KD32Rjn7OBJfKDAmWoTYVk28-H1cm_cGc-xN9cCmlCTcX_PqAHIzeJnJYDt3y1K60FLOMmXiERh0
Request Chain 356
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1&google_push=AavPq0NAh4AlMNaPqxB0RETJ0uNLO3QQqttov58tCdFZrasLdjZl3BW6Xc-K8420KjavzT-y4S3PwZiHmL6a2UOCB7RqtHG7qpI HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_push=AavPq0NAh4AlMNaPqxB0RETJ0uNLO3QQqttov58tCdFZrasLdjZl3BW6Xc-K8420KjavzT-y4S3PwZiHmL6a2UOCB7RqtHG7qpI&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_hm=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&google_nid=index&google_push=AavPq0NAh4AlMNaPqxB0RETJ0uNLO3QQqttov58tCdFZrasLdjZl3BW6Xc-K8420KjavzT-y4S3PwZiHmL6a2UOCB7RqtHG7qpI
Request Chain 357
  • https://match.360yield.com/match/ebda?google_gid=CAESEP1pOtaixeRpBDF5yqZoZhI&google_cver=1&google_push=AavPq0MfluHNpEBt5b-TTEH_YbhSujWY6uTunL7bYyymYHfNSEa2UjAEZgqh_Y0WnrhvWHxy0V0IfBbadATGeHObvuzyzaLIMSNC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jsDyScuRTbmR4qEvYvRbFg&google_push=AavPq0MfluHNpEBt5b-TTEH_YbhSujWY6uTunL7bYyymYHfNSEa2UjAEZgqh_Y0WnrhvWHxy0V0IfBbadATGeHObvuzyzaLIMSNC
Request Chain 358
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKvpO1v5y9ky5c5bvZNoWm4&google_cver=1&google_push=AavPq0M6pgbvcsCwai1MkNAGuItUvYjPvueBG-TVlVjDptbeaV8HYpDZmXM2zPoxXrS1tW12TEgSlG7gCIRXAA1i0g8_8aNiKe1r HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0M6pgbvcsCwai1MkNAGuItUvYjPvueBG-TVlVjDptbeaV8HYpDZmXM2zPoxXrS1tW12TEgSlG7gCIRXAA1i0g8_8aNiKe1r&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672436289491 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-590e55ef-10ee-4f2e-838d-6a7dee6107cc-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0M6pgbvcsCwai1MkNAGuItUvYjPvueBG-TVlVjDptbeaV8HYpDZmXM2zPoxXrS1tW12TEgSlG7gCIRXAA1i0g8_8aNiKe1r%26google_hm%3DA1kOVe8Q7k8ug41qfe5hB8w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0M6pgbvcsCwai1MkNAGuItUvYjPvueBG-TVlVjDptbeaV8HYpDZmXM2zPoxXrS1tW12TEgSlG7gCIRXAA1i0g8_8aNiKe1r&google_hm=A1kOVe8Q7k8ug41qfe5hB8w
Request Chain 409
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=kJ5XgXxaaXFEUllrbVFBTm9BTG5mOFMvUG1sWlU2YnJPV0JpbUFTV0wyREE2TlNQMmJMRlZBV3YzQ0c3WXQvdVd0biszaUF5QmQ3cWZoQXdVME90enJJNUlNUlVqRnhmVS8yaWVXaVJXellCbGxNdW80YkZxZDNlUytRckYwTDdIT1hKYi9qL25nV3VLajNURlJWcGg3MjBpSnErMUFXVjhYa29TWE0wK1NrcXVucXo3R1lCSnhMMWc1SGdWZnVPMnp5WGlPRlhtNVFwY3g4WDJtcmU5TXByd1l0UzQ0VlA1czk5aE5Jb2hoTFZVOHJLZkRsZHJtbHZ0WFBqMHdhNFIxQTJYK0dKNlE0Q0dnOHNhVzltSGlPZXlLdz09fA&cppv=2
Request Chain 453
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=C8cXxV9ZdWwwTlR0TnglMkZxU1RHd01PUEUlMkZtZklJeGlTRUI2WVZVVjZGWFZEQ3h1cyUzRA&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-e4sYixNr6qL_1kAarGcOl5FxByVtVvuem7F4Ig HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=C8cXxV9ZdWwwTlR0TnglMkZxU1RHd01PUEUlMkZtZklJeGlTRUI2WVZVVjZGWFZEQ3h1cyUzRA&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-e4sYixNr6qL_1kAarGcOl5FxByVtVvuem7F4Ig HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=criteo&bsw_custom_parameter=751306bd-d7cb-4065-8aec-cc39e25540bc HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=criteo&bsw_custom_parameter=751306bd-d7cb-4065-8aec-cc39e25540bc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9259b876-b36e-4188-8842-7c512836878d&ssp=criteo&expires=30&user_group=5&bsw_param=751306bd-d7cb-4065-8aec-cc39e25540bc HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=C8cXxV9ZdWwwTlR0TnglMkZxU1RHd01PUEUlMkZtZklJeGlTRUI2WVZVVjZGWFZEQ3h1cyUzRA&u=751306bd-d7cb-4065-8aec-cc39e25540bc
Request Chain 454
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dvYpjv19lUXRhck5Kc3clMkJkQWswS1JSS0QwREU1cGEyb0NJVWJKMnYzZVFZQmNEd3MlM0Q%26u%3d%3cTUID%3e&gdpr=false&consent=&ccpa= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=vYpjv19lUXRhck5Kc3clMkJkQWswS1JSS0QwREU1cGEyb0NJVWJKMnYzZVFZQmNEd3MlM0Q&u=c6bde626-ddf0-44c5-9dfb-8fd977a9fcf0-tuctaa8dfc3
Request Chain 456
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=MVx0UnxqM2pTTWFMNW8rdisvZ0pEbzdCYnRnaE9CbFBMQ2d2aldqSHE0c0hxVjQrWkZHMHEvZCsvTWtlU0FaMmlXdWxGWlNtRWlOWUxTRUhSbnU0UVZlUXJjdzR6aXZ6MlNYY0s2VlFzWHRHT1BTRW9TNVhUZVhPWnk3K3ozRnBqd21SandFUWU3R3I4bDFmWDRjS3VKam5lM3oxV1FWZmNpZlZpdmNscmdVdmtBYWkyQWxnUXk0ditpSlpYTUQwWjNVVng4dzZZYUZBTXBEUW5XSTF1REJPTFVqUjdoOXRoSHc0dUJUWlYrYXRmQ3daVlc4VGVSbVhvUkN5V3ZyN1VUVEVOMzd2WElhRFpzb3d0R29WWXM2R1pOUT09fA&cppv=2
Request Chain 493
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCMURVM1MtMi0xUDc4
Request Chain 494
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGQ2ZTkxNzcyZWE4MjQ2ODFjZjAxNWNkMmQzNjBmYjNjZGM0YjU1Zg
Request Chain 495
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Sk5p-aU8Q9mSShpaubdUEA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Sk5p-aU8Q9mSShpaubdUEA
Request Chain 497
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/e7vay6dKQljGQFeggAG9rQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pO897ypE2oJdccx41EjC9fcMX7pfF3MiQtf1NQ--~A
Request Chain 498
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCB1DU3S-2-1P78
Request Chain 499
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECJcDA6GGKVCfnM1J2V8LN0&google_cver=1
Request Chain 500
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
Request Chain 502
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
Request Chain 503
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
Request Chain 504
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
Request Chain 508
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1
Request Chain 509
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y69aQU9woO92CHfmlFe-iAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENec40JuuWqpkKibMM_VS6w&google_cver=1
Request Chain 512
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688161092&external_user_id=469215f7-9f14-4d3f-81e9-017812dc2c0f
Request Chain 514
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=ceda2709-da60-4d14-859b-96c1cedabdb0
Request Chain 515
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822944238769
Request Chain 518
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/
Request Chain 519
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/
Request Chain 524
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
Request Chain 525
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
Request Chain 527
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3200286950011710416
Request Chain 528
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y69aQU9woO92CHfmlFe_iAAABIEAAAIB
Request Chain 529
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y69aRAAIACecsAAF HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y69aRAAIACecsAAF&_test=Y69aRAAIACecsAAF
Request Chain 530
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y69aQU9woO92CHfmlFe-iAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENec40JuuWqpkKibMM_VS6w&google_cver=1
Request Chain 531
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1
Request Chain 532
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3200286950011710416
Request Chain 533
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=DUEaSw4TTxkWR00YDxRWHgIQTUwWShkYC0rpTi2D
Request Chain 535
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=42f38589-888a-11ed-9de6-1fe3cd8f0306 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/42f38542-888a-11ed-9de6-1fe3cd8f0306
Request Chain 536
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=42f66c63-888a-11ed-821d-10a0cca80206 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/42f66c10-888a-11ed-821d-10a0cca80206
Request Chain 537
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LFP87S8Bqb83VaroL1CwuCsEpO43Vv--Igbtpp3Q
Request Chain 538
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7183059161613924504&gdpr=0&gdpr_consent=
Request Chain 539
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YdMcV8tfQXFPMBgK8vtrKVFfBSk
Request Chain 540
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFNekRVN0hYclVBQUI3V1pTUVpVUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAMzDU7HXrUAAB7WZSQZUQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAMzDU7HXrUAAB7WZSQZUQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAMzDU7HXrUAAB7WZSQZUQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7716669635483849316&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAMzDU7HXrUAAB7WZSQZUQ&gdpr=0&gdpr_consent=
Request Chain 541
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7 HTTP 302
  • https://a.audrte.com/p
Request Chain 542
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=49D7B69C-5C27-4145-96D0-8B5DD56732B7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=49D7B69C-5C27-4145-96D0-8B5DD56732B7&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 543
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&addseg=19,36,42
Request Chain 544
  • https://pixel.onaudience.com/?partner=214&mapped=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6eccaa71490f0634635e99bf840f27da&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=f73fe5a2ee26a5fa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e7fca00c-6a75-4f3b-5e05-709670f0297b&reqId=e3ceea3d-6eba-451b-6558-041e68cd66fe&zcluid=f73fe5a2ee26a5fa&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEOEe8K4wL5YcYwU3ftam5Wo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e7fca00c-6a75-4f3b-5e05-709670f0297b&reqId=e3ceea3d-6eba-451b-6558-041e68cd66fe&zcluid=f73fe5a2ee26a5fa&zdid=1332
Request Chain 546
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NwovZclE2uX.Lcnfsh8geDF.8ONMS1E-~A&gdpr=0&gdpr_consent=
Request Chain 547
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=5d0b7c92-8870-4269-baea-2b140d94808f&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=751306bd-d7cb-4065-8aec-cc39e25540bc&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 550
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3998449658548754806&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 551
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 552
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 562
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156701&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&piggybackCookie=uid:2a4964c9-f90a-488a-adc7-5bfc82fd4165&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3200286950011710416 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 563
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=5d3cd8f2-82ae-43af-b12e-67ba2cf5cb2b&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1
Request Chain 565
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=280c7ac6-8685-493e-b444-02e4272237a5&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Request Chain 566
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9e03f451-42d1-4b9a-bb2e-cbadf365c8c9&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMDtZTtdpS3Md60acI4T-Rc&google_cver=1&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Request Chain 567
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7183059161613924504&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Request Chain 575
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y69aRAAIACecsAAF&gdpr=0&gdpr_consent=
Request Chain 577
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 578
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4361023923
Request Chain 582
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f73fe5a2ee26a5fa/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7AicPGkHMTYMnVgXnnXUgVMg
Request Chain 585
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e4663af-5a40-4400-a6b6-b7352681f2cc

577 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/
Redirect Chain
  • http://walla.co.il/
  • https://walla.co.il/
  • https://www.walla.co.il/
571 KB
269 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9044b6bcd8c3e85d9d3444f20bbcf0944193843f65474ba43ddcfbb6ce2d43fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8
cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 21:37:56 GMT
etag
W/"8ec62-uBn8T2PiP7URpVa/W5JCMSW0Nwc"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
x-amz-cf-id
t3-voheC0MXujaEW2G4BznCI-Sg06RjoBC7i72K6Ksgdpm2lgJCbIQ==
x-amz-cf-pop
DUB56-P1
x-cache
Hit from cloudfront
x-cached
MISS

Redirect headers

age
1394
content-length
0
date
Fri, 30 Dec 2022 21:14:51 GMT
location
https://www.walla.co.il/
server
AmazonS3
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-id
5CNgwDTVCPP7hJFJj8DDHWCE2dmZHoE_-2RqY-CRwd9U2698j-PNcA==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1437 / 202 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Dec 2022 21:38:04 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 00:43:34 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
75270
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
NHVwdWoSgKMCSnVabFdtHiK6ze9kOKfy2AItyqlZNS3eSaEOFyIIsA==
expires
Sat, 31 Dec 2022 00:43:34 GMT
new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:12 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"473-18562a3bcc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
WJokHlQS2n4iZj2XBmU43CdVQNuymfED-YkjCZlW44Oz74jF-6vwRA==
x-cached
HIT
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:12 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"7ee-18562a3bcc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
Lb8EAIiEXSpjJNZoUzrzA861qw8XH6B5V1CHjem72gGEh9uPWT2sNg==
x-cached
MISS
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37971
etag
W/"1d0-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
HIT
x-amz-cf-id
uWZ3t_-hy58YxXoPbBgsTK0z0NXCI5D1AjPkLHeJ_yaN5mn1ofnUbw==
new-logo.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:33 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38011
etag
W/"492-18562a3bcc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
SgENPdnlCz3-RVDvpzbyGIfu1va-00VFMlCeN3-IcUjmIeX9nWf3gQ==
x-cached
MISS
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37971
etag
W/"c00-18562a3bcc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
CwzGHZZvnN7pBa7hBnl9ICcLtyPaHZEIKxBF_eX8gak8zy08Y9AoUQ==
x-cached
MISS
yad2.png
www.walla.co.il/public/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/yad2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37971
etag
W/"488-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1160
x-cached
MISS
x-amz-cf-id
bVeOkpyeDAmXjIsB7rFU91En8rJBWlaYy9pjmrEp03WPI13VE_JGMg==
3476824-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/4/7/6/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/4/7/6/3476824-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
6294d3079b323e7d32ce2fe7bbd48f2a8c2de2b7a06c09757bb1734c5cf2486c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 19:12:37 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
8727
edge-cache-tag
284545642141245878857585075074143523051,325240592619059456640567246033780590469,d2bce9e04f88d43dd8350e859c701704
cache-tag
284545642141245878857585075074143523051,325240592619059456640567246033780590469,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
47130
x-request-id
2f0a5a8331a726ccd69dfe3fda3be2f0
x-served-by
cache-lga21945-LGA
last-modified
Fri, 30 Dec 2022 19:12:38 GMT
server
cloudinary
x-timer
S1672427555.436557,VS0,VE2228
etag
"ad9cd6de1e8a2169bfbbfff0a4c81947"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
XBBoazfo-Wt-0gTYwNerYG8M0ALRN0PyqkSCASeaOQ0Cdzs92JvO_g==
x-cache-hits
0
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37971
etag
W/"834-18562a3bcc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
Zv5WTNyLpCBUQl7LYvGUJB3TVDOCXNCEqZCyS3O1N-m8sF_TCF2mBA==
x-cached
MISS
103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		895 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37971
etag
W/"37f-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
895
x-cached
MISS
x-amz-cf-id
hjJFgFwDS49U68q5q2MrGzJmr0GJNTJGtDmqvOxfMyu-_UiV_FiMMA==
99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37971
etag
W/"3a5-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
933
x-cached
MISS
x-amz-cf-id
8mFEPMxIUlo39L0FeG0B8ol6y3IJs2zJ7tRHKzjiUIzZVt7Gwm0kng==
3473542-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/7/3/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/7/3/3473542-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
37fc4e7a3abd23889801a34b63714ec4e84e169551243febaff7cb70b9706f62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 05:41:05 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
143819
edge-cache-tag
168706918149911572649044903575986906203,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
cache-tag
168706918149911572649044903575986906203,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
26508
x-request-id
90f4a399a8294c15e8882d5b1400d8e2
x-served-by
cache-lga21969-LGA
last-modified
Thu, 29 Dec 2022 05:41:06 GMT
server
cloudinary
x-timer
S1672292464.402096,VS0,VE940
etag
"0834094cf7f4894b37f9cecc1be7df1f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
E8Kcg-LWf4u_kGY3o7YeNwLI9k5kIo_gTwmOrh1gxfpOuXgwyuAe3Q==
x-cache-hits
0
2357136-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/3/5/7/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/3/5/7/2357136-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
34c5d307a57bf09f3c159a6c129370b8c293ec67847b9e4c99c400ec60d476cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 12:49:17 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
118127
edge-cache-tag
119880395262718257581038856239212261192,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
119880395262718257581038856239212261192,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
2991
x-request-id
0afcbfb066e4ab814f340ee8496d1161
x-served-by
cache-iad-kjyo7100126-IAD
last-modified
Thu, 29 Dec 2022 12:49:18 GMT
server
cloudinary
x-timer
S1672318157.480163,VS0,VE452
etag
"5ba53b157384829f59a062e5e73937e6"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
CUcHRs7Y1Noku-xgsCsBwjXhNcsJGViHSsStrEjRIOxe1GSl17TriQ==
x-cache-hits
0
3434921-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/3/4/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/3/4/3434921-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
0cc5a07f71a488044ff4b872409d1cd3939b33f6256407a9aef3337c4d368091

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 05:45:18 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
143566
edge-cache-tag
370695323095822955181903807708708040269,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
370695323095822955181903807708708040269,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
5786
x-request-id
23327a100a9364b36ebfc1f80ce67c54
x-served-by
cache-iad-kjyo7100081-IAD
last-modified
Thu, 29 Dec 2022 05:45:19 GMT
server
cloudinary
x-timer
S1672292717.603901,VS0,VE1890
etag
"66c224bd6c5aab53c137a15119ba0fc0"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
E-J41phrZVYO4u_2-1YoE3wmhc1f5hzp3H6rJFTIkMlMbTaTcxmSMA==
x-cache-hits
0
3463159-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/6/3/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/6/3/3463159-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
cd36933aa46bf2d3d5827ab80b13a76988c28eaf3869fd49a2bd9120d7a3c45c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:16:14 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
804110
edge-cache-tag
384093904006267726560262836817751542141,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
384093904006267726560262836817751542141,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4026
x-request-id
7f3fd892f310ae7a1815547db7adb45d
x-served-by
cache-iad-kiad7000096-IAD
last-modified
Wed, 21 Dec 2022 14:16:15 GMT
server
cloudinary
x-timer
S1671632174.091542,VS0,VE684
etag
"e518a1afe99208c228aff395d5bbd7dc"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
9k_yLQ5A1M9kFqL4onp6T_sAZAkknCFYBosT1TKQ3b1z1whbyCU24w==
x-cache-hits
0
outbrain.png
www.walla.co.il/public/assets/outbrain/ 		780 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/outbrain/outbrain.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
00778b7246ce1ad6cbc6085624d78cdeb6c805c67c60113beab05259080b7a25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37971
etag
W/"30c-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
780
x-cached
MISS
x-amz-cf-id
YRMKhSvFZ9bMejR194Jz2yaRNZjB5iyG46vlZA3GaywzG3BiaL0D7g==
new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 		636 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"27c-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
636
x-cached
HIT
x-amz-cf-id
Z5LB3uFUnZkb203PS012ISfKYUJCXtowFARPrK6_o3sJ9Bf9DWyUgQ==
446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
www.walla.co.il/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:36 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38009
etag
W/"2d69-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
HeNJR_H8YqvJt8FJyJkOhj7bBnLmAamigVMIc2ll6sr7aVcn2MsL1w==
x-cached
MISS
462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
www.walla.co.il/public/ 		309 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f48a26731c5bedb73f2c65bc3537c096ee30acd40dc1dbc52ab9dc0c7300c28f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:31 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38014
etag
W/"4d5fa-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
ti5C8KgrQK2bNhbyeVCogMItBCTowTqo1xXR0iFDmuJjt6sAyUncGA==
x-cached
MISS
main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
www.walla.co.il/public/ 		1 MB
259 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
da28ea512b7c7e638b7689bd2ebb59cb7c796070f9518119f6d0475c08ac736f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:05 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38040
etag
W/"11ec9a-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
Wel2LKZNT_K_ddQMx2uZiK02Q2QNCb2Mm5Nxnkcxl_VGb5OqS9JanQ==
x-cached
MISS
29_556abeff572d0b62c092_556abeff572d0b62c092_walla.js
www.walla.co.il/public/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/29_556abeff572d0b62c092_556abeff572d0b62c092_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1e36da77124c1e4d487d41ed4604cb51a1983e6444f3474ea022370aeabbe00e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"33ec-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
fsx2On6PWp3lBPp9VqJJott0cBQOEAUYRA4Jw2s-P4nGE2jkwi7cFw==
x-cached
MISS
homepage_1bf5acd2c77fb362c4e5_1bf5acd2c77fb362c4e5_walla.js
www.walla.co.il/public/ 		209 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_1bf5acd2c77fb362c4e5_1bf5acd2c77fb362c4e5_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d99b90f783bad0cb9b8aff5311c99ae0a93091d1017397e466bf8a939da6377c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:12 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37973
etag
W/"3424e-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
Vq2l1ZtfnNLMK0qoAyf0tYG8x8wKwZaHmIEUjX_5SIwG8sD9QFXmTw==
x-cached
MISS
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 28 Dec 2022 21:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Dec 2023 21:29:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		907 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e35aa85514833036e24200de785c47bae867e2d1fc4a2998e876713a650a4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 30 Dec 2022 21:38:04 GMT
walla-v2-prod.js
cdn.valuad.cloud/hb/ 		908 KB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
31b7fe34672f874c1bdbc1cbfd84735a07aff08c1b0df1df162a281dc22052f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Mon, 19 Dec 2022 13:38:58 GMT
x-sp-metadata
HS256.CM3QvZ0GEoUBCiRjYWI2M2Q2Zi1mZTVkLTQ3MjYtYmM5OS1kODRhOWI1OWRmZmUQ+PLE+NXG+wIaBgi9tL2dBiIKODEuOTUuNS40MSim2wMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGM1NWMyM2I2LWQxNTEtNGE0Yy1hOGRmLTRmMmEwMTNmNTcxORjwqA8iGAgCEhRjZHMwMDMuZnI4Lmh3Y2RuLm5ldA==.MNgqcyLZbepLUHbNVimLQnTyAQbxt5y7q1pkeahRsv0=
x-amz-request-id
tx0000000000000559a39f6-0063ae6714-2b9df863-fra1a
etag
"b4e93c760a48491f1d71d088544ada03"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1672436285.dop107.fr8.t,1672436285.cds329.fr8.hn,1672436285.cds003.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
250992
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 21:38:05 GMT
Content-Encoding
gzip
Age
545
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=
Content-Length
29221
x-amzn-internal-status
304
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (frb/6725)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
gtm.js
www.googletagmanager.com/ 		405 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7bb86db68c695256979fe754f6f4573e10c1d4ee0c404d4f34e53378fe424fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84970
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Dec 2022 21:38:05 GMT
gtm.js
www.googletagmanager.com/ 		496 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e0cd80e5209cb4cbfaa6c6074f66602faa02a45761cf979d2b6435bdba81111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66695
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Dec 2022 21:38:05 GMT
gtm.js
www.googletagmanager.com/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2326187be1a34dfc5a7ba09525c635bc3cae4f2d7b0ebdf220106795ea3054a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47550
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Dec 2022 21:38:05 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Dec 2022 20:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4245
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 30 Dec 2022 22:27:20 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Fri, 30 Dec 2022 21:38:05 GMT
api.js
www.gstatic.com/readaloud/player/web/api/walla/js/ 		442 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/readaloud/player/web/api/walla/js/api.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
686e58d5a724aedeaf95623eee27e4f1d115bf2d05b4b668c17066498a695f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153942
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 11:06:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="speakr"
vary
Accept-Encoding
report-to
{"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 22:07:20 GMT
wallawb.js
cf.dxmcdn.com/dta/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/wallawb.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7a00:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ebba04d5ca8ae78a79b3c7f229a37c102753633e9ca182fc6158e235594d2a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-amz-version-id
oybraUamdMFbqZV3UFLEjZ40HZNFemmw
content-encoding
gzip
via
1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
date
Fri, 30 Dec 2022 09:10:28 GMT
last-modified
Wed, 28 Dec 2022 09:09:59 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
44867
etag
W/"0f82c0f29fb7d086fa70ef5c1fc0b22c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2BjG22mDM9eu5pAkmxQT6eSx1nvkkdMUGCR4SKc_oLzpqm2ECACgIA==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 01:01:25 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
74200
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
cZkmb2M9nU1DxzDddLkT__z-P6lOo2ktW5BrPx4KiTjnMSSBLPGsyg==
expires
Sat, 31 Dec 2022 01:01:25 GMT
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"5b6-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
MISS
x-amz-cf-id
3tfpY-I4J4MiPhTI5oweTq-I7X07oMSIyqb_iErQ6nk7xe1t4eFGWg==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"2e7-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
MISS
x-amz-cf-id
DjEPYWnTVm58ypSYnQa6cuSNHI6Aji8lxqIAPuYaSBQdo8uQyitb8Q==
zoom.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/zoom.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ed9a1c0a002eebd39ff310d9a7d166a21448676cc03b5546a5bebfbc762b1742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"7e3-18562a3bcc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
n0su-7q7J381N6sEkQySFnd3gvH2xTiViqRwQzQzyqpD64ntuBU8-A==
x-cached
MISS
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"85c-18562a3bcc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
LZcFu8EsoXNf0zBtH2jEgurVjCfKC-8EeoM3jMTjHAFu8YMxVxOpTA==
x-cached
MISS
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"5f6-18562a3bcc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
E98cPtccIb06GLYF7BSYEA8wXfxEhSXpjpr8dEBgDmwB6pnlgebcfQ==
x-cached
MISS
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:30 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38015
etag
W/"e954-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
JBrv5F3-eRh8XNH-UIR_vfkQi8IL7LB7H_J-cOCaoi4xNzplElQ8Jw==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b64e6a6515b16f8e74e112ee7c7bef32818d4c09a7ce39de9a2bc98b008acb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-cache-hits
102
date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
2333
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
780
x-served-by
cache-hhn-etou8220020-HHN
x-timer
S1672436285.140449,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Wed, 28 Dec 2022 20:59:12 GMT
recorder.js
web-sdk.smartlook.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 London, United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2ac8150003a3c49d2735c3e68ebde6e820308ff0ee6bf57e38604259a4931eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Fri, 30 Dec 2022 21:38:05 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
369
x-77-nzt
Abm0DAZSHtH/cQEAAA
x-accel-expires
@1672436516
last-modified
Wed, 21 Dec 2022 12:31:30 GMT
server
CDN77-Turbo
etag
W/"63a2fca2-c4a"
x-77-nzt-ray
fefc880d53951c153d5aaf6395c30f0d
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
tag.js
mc.yandex.ru/metrika/ 		211 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Dec 2022 07:53:53 GMT
etag
"63ae6ee1-12019"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73753
expires
Fri, 30 Dec 2022 22:38:05 GMT
outbrain.js
widgets.outbrain.com/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cd76a7d6c3183f770df9dd2359f0b9eba67a228bddec0b94d603b099b35d095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
gzip
last-modified
Sun, 25 Dec 2022 08:33:18 GMT
etag
"15-A7FcA/ubAPYZ+sUoQHBM4DPCoKM"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
8f1153846f7f06ed8c803b88dc993f84
timing-allow-origin
*, *
content-length
75280
3455014-46.mp4
images.wcdn.co.il/q_auto,w_300,t_18/3/4/5/5/ 		656 KB
658 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.wcdn.co.il/q_auto,w_300,t_18/3/4/5/5/3455014-46.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
efe1c403d097fea6efac5e50bcbf1b4bba32b1cdb4e229e0068b2a343b2e8adf

Request headers

Referer
https://www.walla.co.il/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 21 Dec 2022 13:15:40 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
807745
edge-cache-tag
314254495856400585036656707615394502416,337475062601781952787363620968152228896,d2bce9e04f88d43dd8350e859c701704
cache-tag
314254495856400585036656707615394502416,337475062601781952787363620968152228896,d2bce9e04f88d43dd8350e859c701704
status
206 Partial Content
x-cache
Hit from cloudfront
Content-Range
bytes 0-672169/672170
Content-Length
672170
x-request-id
949faff7282aaa752695401448e6bcdf
x-ua-compatible
IE=Edge,chrome=1
x-served-by
cache-lga21983-LGA
last-modified
Wed, 21 Dec 2022 13:15:41 GMT
server
cloudinary
x-timer
S1671628517.745977,VS0,VE23652
etag
"c3a0ce867379712e7b4813e5361584fc"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
p8EEs_zlsvy_5Z4R1rp6XuSRl-B6pH7maYRbIydBMG5x23xVjiyfog==
x-cache-hits
0
arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 		475 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"1db-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
475
x-cached
MISS
x-amz-cf-id
48nWncQ39u2t5ZGkcejksIhuDrO9n_XEPN7VOgA6cgnNVh52KiDw5g==
video@2x.webp
www.walla.co.il/public/assets/icons/homepage3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video@2x.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"74c-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1868
x-cached
HIT
x-amz-cf-id
WgEs9OPcqHKEJZ4vMYuZ-OI1_xOdxp9DkLqKkIUTPj9CI6meT7vbTQ==
play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"199-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
409
x-cached
MISS
x-amz-cf-id
U1RaxqL3P5wtoyL3eEbsJ98L-Nd9Me1MoHxLKHvhFEeh6nJBi57MsQ==
play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"199-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
409
x-cached
MISS
x-amz-cf-id
qrbs6QrOCX_dg4bivdzAjTAgXwdIaf8ow8DO6RRMMt8hPaKVt3gIAw==
video.webp
www.walla.co.il/public/assets/icons/homepage3/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:13 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37972
etag
W/"3a2-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
930
x-cached
MISS
x-amz-cf-id
wbAIiHg-E7ciuscFHQf65rFQW3ykJCReHwzOHY2pR0hxIXMNYNTdUA==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:08:17 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:15 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37788
etag
W/"3bdc-18562a3b8d8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
kmkNA3L0RlZNbvWJJ5NbR5ge2xP8NuGBYeZ7qGmw5bdF1ReoXhFh4g==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:30 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:15 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38015
etag
W/"e770-18562a3b8d8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
KaEjLmstkDfV_4njyUQc7K9Eq0pNGuYliA-xsvyEs7-fV8eA69HPug==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:31 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38014
etag
W/"e7c0-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
ytKAfblVMR7KOgTVoe20eUJDc-zZt5NhXThqs5495Rz5wCE5FpALcQ==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=CHinHsClo25v15FC9&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12011&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=1317&t=BZTLltg4-n8BzszsbB9Aqr-B_Cvcf&V=139&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=4yPXoCABxTsCsh_9JBpgbyUB3do2M&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.93.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-93-8.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:05 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
3455014-46.mp4
images.wcdn.co.il/q_auto,w_300,t_18/3/4/5/5/ 		16 KB
17 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.wcdn.co.il/q_auto,w_300,t_18/3/4/5/5/3455014-46.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
63abefac436c3621d520bffba41cf53478cf755a79f6f3c8a6c1a676aabcbf8c

Request headers

Referer
https://www.walla.co.il/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Range
bytes=655360-

Response headers

date
Wed, 21 Dec 2022 13:15:40 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
807745
edge-cache-tag
314254495856400585036656707615394502416,337475062601781952787363620968152228896,d2bce9e04f88d43dd8350e859c701704
cache-tag
314254495856400585036656707615394502416,337475062601781952787363620968152228896,d2bce9e04f88d43dd8350e859c701704
status
206 Partial Content
x-cache
Hit from cloudfront
Content-Range
bytes 655360-672169/672170
Content-Length
16810
x-request-id
949faff7282aaa752695401448e6bcdf
x-ua-compatible
IE=Edge,chrome=1
x-served-by
cache-lga21983-LGA
last-modified
Wed, 21 Dec 2022 13:15:41 GMT
server
cloudinary
x-timer
S1671628517.745977,VS0,VE23652
etag
"c3a0ce867379712e7b4813e5361584fc"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
-BRtn3fBZcVY0qd-lnEG2CO3DfG7H43XKdwDOsGRnbaTwR0K4w38MQ==
x-cache-hits
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CHinHsClo25v15FC9&c=0&V=139&x=3rIF6M8vg190A&v=B&ml=m&sl=DAUSmv&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.88.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-88-224.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:05 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CHinHsClo25v15FC9&c=0&V=139&x=muiIa2JehMYYw&v=B&ml=m&sl=BS6ZMJ&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.88.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-88-224.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:05 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e95073dab42296aed67adf3bc9921b2b3ae8deadf99629d64e46c158f1cff57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78939
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 30 Dec 2022 21:38:05 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=61718290&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=864296121&gjid=1648463524&cid=1852875319.1672436285&tid=UA-249518521-1&_gid=1693097556.1672436285&_r=1&gtm=2wgbu0KL6PRJM&z=1107072710
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-12-30
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:da00:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab0aa272129b8414307f03545286a8afb10195cdd7e095ab1bd686f5044894ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-amz-version-id
XUMYA8aafEZUII4bjvNLB4prrBgXRwRQ
content-encoding
gzip
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
date
Fri, 30 Dec 2022 13:31:35 GMT
last-modified
Wed, 28 Dec 2022 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
29191
etag
W/"0901f4e054bf0ffdba40b1ae9c2e08b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
6g8LdysOMx12sGo7L-5H0uqotXsSWH3FW_Q93_MYju73ZNS12H5HFg==
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Dec 2022 21:38:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
++Gm+VuYGjFcM3XuqMO+T8td7kzjuA9PyTDlhyoEuozeXgYToV4YGKaVRAdRuGERy972DUhbGvDJ2R5k8BQMfA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1245572/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
719cf83680e234cf16ce5c725840d858f8eb36cc755a442c9e9e27edc966e606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-amz-version-id
0CIkgJAN0K5zUaMu1XzFI1PZkny8VEl8
content-encoding
gzip
via
1.1 varnish
date
Fri, 30 Dec 2022 21:38:05 GMT
x-amz-request-id
0KQ3FC7C0J3NP3Q7
age
81
x-cache
HIT
x-amz-replication-status
PENDING
content-length
18204
x-amz-id-2
tMq9aoP1xqZNscgSg5p3GtvqET8QQi++MdsaO3XOziClijGwA31gFPQnrnIZcAK9kB3goSGwql0=
x-served-by
cache-hhn-etou8220086-HHN
last-modified
Wed, 28 Dec 2022 12:21:58 GMT
server
AmazonS3
x-timer
S1672436285.442140,VS0,VE0
etag
"308db2d931837849393908c8a0ce5fd6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
64
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
7
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=61718290&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=469996604&gjid=1724547720&cid=1852875319.1672436285&tid=UA-4780630-1&_gid=1693097556.1672436285&_r=1&gtm=2wgbu0T728TH&cd1=1852875319.1672436285&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&z=403256817
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 21:38:05 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56151712c246c6e20123d2a2279e552e697bef1abc3104e7d4b0d8c8e34fe6ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79017
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 30 Dec 2022 21:38:05 GMT
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L30GH6X3WK&gtm=2oebu0&_p=61718290&cid=1852875319.1672436285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672436285&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4780630-1&cid=1852875319.1672436285&jid=469996604&gjid=1724547720&_gid=1693097556.1672436285&_u=aEDAAEABAAAAACAAI~&z=1430077023
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 30 Dec 2022 21:38:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
452_26dc5e427d85df112ddb_26dc5e427d85df112ddb_walla.js
www.walla.co.il/public/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/452_26dc5e427d85df112ddb_26dc5e427d85df112ddb_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1305b2f052d8eaa0fa1e83f15dfbe15cb58cdff54c44a3a24daa273e2e523a75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:15 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37970
etag
W/"1eaa7-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
FrHIupyIttnoAh9tf8eE52dEMinT0KYbpuRPPdOKMGnhf00elOzqxQ==
x-cached
MISS
PikudInner_bb9f77b480edaf21f1e3_bb9f77b480edaf21f1e3_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_bb9f77b480edaf21f1e3_bb9f77b480edaf21f1e3_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
2d4b858c0e7906266e5342c077cb13a45cc546c1c678da9ca63a13a0940a7a7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:15 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37970
etag
W/"cfd-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
NF9yeqar5Lilm9sXDEnNfmk3FHprGIpQgnWng6s4hIn7v6DkpnXH_w==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1437 / 291 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Dec 2022 21:38:05 GMT
2323
dal.walla.co.il/editor/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/editor/2323?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-63.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ec2771dc89436b6998f17c9927e6ed44a5efb421ed1afed64cfb34c8de2f7854

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:37:27 GMT
content-encoding
gzip
via
1.1 ff7cafeac35b91a7af23c56e3b9691e8.cloudfront.net (CloudFront)
x-amz-cf-pop
DUB56-P1
age
39
x-srkey
9ca383bf7f5c06689b373a08cfd03266
x-cache
Hit from cloudfront
x-cached
HIT
pragma
cache
server
openresty/1.15.8.1
x-speed
0.0445189476
vary
Accept-Encoding
x-hostname
a65b60067a9e
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
x-ip-x
149.106.252.72, 64.252.67.122
x-ip-r
10.30.21.158
cache-control
max-age=60
x-amz-cf-id
pF2uIOHh8ARsRZ29cIPcSH-tSyvUHwNXO39W-XV6zhZDi4VYH0YR9A==
expires
Fri, 30 Dec 2022 21:38:04 GMT
985_8f9f43cb2d0d34144d8f_8f9f43cb2d0d34144d8f_walla.js
www.walla.co.il/public/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/985_8f9f43cb2d0d34144d8f_8f9f43cb2d0d34144d8f_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c3e2c3a1252dbbb47647b91b7492bf3d6c3dc1d4a332ca14616bf8be075f0593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:15 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37970
etag
W/"adb3-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
SWCbNQi0ZBlYFrz0GO8a16iTjS6IRfhxaiB12LSCioCwarQbRxOhIA==
x-cached
MISS
player.html
www.walla.co.il/public/ Frame 8E02 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f42ec27f2c6d85ac310093af2b83337569831c813eda706f8aa1f481ce5d0573

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37970
cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 11:05:15 GMT
etag
W/"bd8-18562a62dc0"
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
x-amz-cf-id
VN9B9b9qUJvF2K3NGMfVkbyL46gaRv6QYXfbftlheYUQ7BhJGufuZQ==
x-amz-cf-pop
DUB56-P1
x-cache
Hit from cloudfront
x-cached
HIT
626_0d28508a485b0f3e4d71_0d28508a485b0f3e4d71_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/626_0d28508a485b0f3e4d71_0d28508a485b0f3e4d71_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
45945e673e9facc8b3292790f069378dc73f3a7d2ee6729d773ae44ddde754ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:15 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37970
etag
W/"c3a-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
2WCOifagwZ_Bo3QZ_8TrPZr42r71kWjwSNBX74nGRv6q00XJw93pmQ==
x-cached
MISS
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:15 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37970
etag
W/"46c-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
4xAKM8fD-T6A7o-specfJnfryqi3rIjse8uj3gRGbcy3RzTt8gyMDA==
3421426-46.png
images.wcdn.co.il//3/4/2/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il//3/4/2/1/3421426-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 16:31:18 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
2610407
edge-cache-tag
145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
cache-tag
145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5667
x-served-by
cache-lga21969-LGA
last-modified
Sun, 14 Aug 2022 10:29:39 GMT
server
cloudinary
x-timer
S1669825879.630391,VS0,VE1
etag
"a299b27a337fe5f8cd65385dbd30d509"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
CXdGD4OFGyq5614ygN1UBP_PBX7EYy5aQrQXCd53nGopJUVov0Lmqw==
x-cache-hits
1
3446763-46.png
images.wcdn.co.il/f_auto,q_auto,w_400/3/4/4/6/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_400/3/4/4/6/3446763-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
c5b8c33935eb54f665133731f389751b694cb221fd19e19bca18758034e86ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:00:42 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
110243
edge-cache-tag
260123766931755275147947543974984546756,381913850593876579626476268632260101011,d2bce9e04f88d43dd8350e859c701704
cache-tag
260123766931755275147947543974984546756,381913850593876579626476268632260101011,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
3930
x-served-by
cache-lga21932-LGA
last-modified
Thu, 20 Oct 2022 15:10:53 GMT
server
cloudinary
x-timer
S1672326042.232589,VS0,VE1
etag
"1735ced6b0f3c485c9fc6c4d2a9a7939"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
UjJxYw9kjy5wHaG8TyH_t5Z015n64Tr6LR0L_-76cuDy2xn7n5RvAQ==
x-cache-hits
1
3476742-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_400,t_18/3/4/7/6/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_400,t_18/3/4/7/6/3476742-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
afc9f2fe752a9c17d879365002804324582c3be6a2d77ec0bb9ba13ad684fc9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 13:52:54 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
27911
edge-cache-tag
201712967080179182457946900303430803675,381573010157131071558488767622808407530,d2bce9e04f88d43dd8350e859c701704
cache-tag
201712967080179182457946900303430803675,381573010157131071558488767622808407530,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
10609
x-request-id
efcca88e6fd9dc6fb786a28b30d5a4c8
x-served-by
cache-iad-kiad7000025-IAD
last-modified
Fri, 30 Dec 2022 13:52:51 GMT
server
cloudinary
x-timer
S1672408374.380913,VS0,VE5
etag
"0f22192f989072d40426e9b3290fce0b"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
1NLNOY2m9WsUg0YghaO6eeqZEM7NwV4Z-kUozrOzJ3aiTMr-s5xnwQ==
x-cache-hits
1
3476962-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/3476962-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
d565a9018ec141118e87f5deb7711c7e69568b691ab713b38e148767ecc6debc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:13:04 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
41101
edge-cache-tag
271601819246365519134195461699349857862,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag
271601819246365519134195461699349857862,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
9643
x-request-id
ad0fbb63179ff295f74902280bb64143
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Fri, 30 Dec 2022 10:13:01 GMT
server
cloudinary
x-timer
S1672395185.610526,VS0,VE1
etag
"396693c76b36b370847f233f1dfecc54"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ZDUmM-fl3t-Yq5MaynVhHRNxKy9Q5aVvo4JOej8SSaSh4oAyPI9ZHw==
x-cache-hits
1
3476750-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/3476750-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
13d679001581a31d2a570f49c96cfceb487011ef418ea4c2f7165dd468004b5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:00:08 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
110277
edge-cache-tag
299776980358120877185181002283300005441,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag
299776980358120877185181002283300005441,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
21779
x-request-id
72f3959f6f966a1d260920f7c06bcc94
x-served-by
cache-lga21957-LGA
last-modified
Thu, 29 Dec 2022 15:00:09 GMT
server
cloudinary
x-timer
S1672326008.784584,VS0,VE675
etag
"aada03818fe4acb0d5e3f7053c86ead7"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
CGh1q3uWkvcNg_2rcxYSU-Kk_uG6aSyIf70qBTC4JZydNtgTULaLAg==
x-cache-hits
0
3476768-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/3476768-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
cd1465a64ad22b6a0c2069541049857411da587cfd61f90108abc61fbff5c311

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 12:58:52 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
31153
edge-cache-tag
365126261383510807307793219567809545808,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag
365126261383510807307793219567809545808,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
10382
x-request-id
31d0c017ad4c79cf98880dc98b9a8b6d
x-served-by
cache-lga21964-LGA
last-modified
Fri, 30 Dec 2022 12:58:53 GMT
server
cloudinary
x-timer
S1672405132.437042,VS0,VE298
etag
"64c2b82a8680dd2ede1cb085f134215f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
YwZsk3hszNpCUf5CnMwdcrUlHTt9xb-DD_IK4TR-tcKwmpzsGq9XDw==
x-cache-hits
1
3476764-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/3476764-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
d5c457438a1fdf54de5892646cd220d7278e36dd018d620990e7d30f302eaaec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 13:18:06 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
29999
edge-cache-tag
158181948434309221674820481751385432698,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag
158181948434309221674820481751385432698,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5866
x-served-by
cache-iad-kiad7000077-IAD
last-modified
Fri, 30 Dec 2022 13:18:01 GMT
server
cloudinary
x-timer
S1672406286.159343,VS0,VE23
etag
"767ee244ece2bfd1b528a9c1a556ce43"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
dguXZsZsOzLi0ltmQcgQuudGKax6Yky_2meMr8yL9NmJ1LYyObuVPg==
x-cache-hits
0
3477062-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/7/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/7/3477062-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
1a42a538d7c0bd4ca66e29e29f1566558e37e005397105384d145237bed7068f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 20:28:34 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
4171
edge-cache-tag
280141752755840988360335154710369182985,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
280141752755840988360335154710369182985,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
9370
x-request-id
9c73acc229bbb61e6b2b68659f152a7d
x-served-by
cache-iad-kiad7000136-IAD
last-modified
Fri, 30 Dec 2022 20:28:35 GMT
server
cloudinary
x-timer
S1672432114.798938,VS0,VE566
etag
"8dd5d50a02bd8115612788084a1b9fba"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
BCClh-4Sj7k-NE-QodJfwKsNN5_pFkrth6uEYPELjBMhR9AMZAU1sg==
x-cache-hits
0
3283452-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/2/8/3/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/2/8/3/3283452-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
e022716b0d7786642c493374ce228e043df51434837c25a6e10c30b11aa7c955

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 17:02:53 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
16511
edge-cache-tag
258550151715098432134165338553032517772,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
258550151715098432134165338553032517772,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
19627
x-request-id
4d5166b6f315c2fc1bc27421e3d8a6cb
x-served-by
cache-iad-kiad7000036-IAD
last-modified
Fri, 30 Dec 2022 17:02:54 GMT
server
cloudinary
x-timer
S1672419770.214241,VS0,VE3773
etag
"66b92dc23fced92a6bf9180841d68043"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
IwJqxxp4S2WSacD_3cy3eo2rWILb_tDZHMWBsiPTkVz6sflVy5oyPw==
x-cache-hits
0
3477073-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/7/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/7/3477073-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
966863ba417f920efc86515e9bd84f68f1de503b9532e904859c9dc095663b91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:17:11 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
1254
edge-cache-tag
374185498463420707090097369096475619579,100405190877075924057354241558136016486,d2bce9e04f88d43dd8350e859c701704
cache-tag
374185498463420707090097369096475619579,100405190877075924057354241558136016486,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
10152
x-request-id
48d6099ce1e94e6729c3aabc4f5756dc
x-served-by
cache-iad-kjyo7100147-IAD
last-modified
Fri, 30 Dec 2022 21:16:51 GMT
server
cloudinary
x-timer
S1672435032.608171,VS0,VE1
etag
"6a84ace22e4e027067def919c5febbec"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
JTyF9qTfjqF0znCaJNLnO_Ka5TvjO-fQZS4PS7BqrO_vvXziOPeiTg==
x-cache-hits
1
3179120-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/3179120-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
d942218f1bf6e2ffaac8c63bc3e3d729fa187fe22836102fa1c6c4887c3a5e44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 14:00:28 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
27457
edge-cache-tag
164532849367902147806800334309226438561,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
164532849367902147806800334309226438561,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
2944
x-served-by
cache-iad-kiad7000105-IAD
last-modified
Fri, 31 Dec 2021 14:00:26 GMT
server
cloudinary
x-timer
S1672408829.944698,VS0,VE1
etag
"c4e036d4b72455ef4ec38802163866db"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
sLaJKsROi5mle5CqXb_BM1SK9MnFwznEUCwXRAh3bxbznzxEa1xZgg==
x-cache-hits
1
3257856-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/3257856-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
ac3ec5feaadff6b9971d045b79a2bf36d5a7afd78c0c39a6a340a8cd5175f5e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 17:01:33 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
10643792
edge-cache-tag
181324815173015367470310301508200870431,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
181324815173015367470310301508200870431,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
1434
x-served-by
cache-iad-kiad7000029-IAD
last-modified
Tue, 28 Dec 2021 18:00:53 GMT
server
cloudinary
x-timer
S1661792494.700302,VS0,VE1
etag
"3f5e873602e4a3235e31ae90cabe2dea"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
fK3trl3_RGaetvBXxrl7-abH3VIsqJiQPq-9tCNjHAn4LF_y2GXeGA==
x-cache-hits
1
init.7171b9a4c8e511f032f0.js
web-sdk.smartlook.com/es6/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.7171b9a4c8e511f032f0.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 London, United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f000048e202ba3ed2a2d49bc09f11e77faa217ac28d71dd8b435f2ef6009cf5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Fri, 30 Dec 2022 21:38:05 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
807983
x-77-nzt
Abm0DAaDhwX/L1QMAA
x-accel-expires
@1703164302
last-modified
Wed, 21 Dec 2022 12:31:30 GMT
server
CDN77-Turbo
etag
W/"63a2fca2-d8e6"
x-77-nzt-ray
fefc880d0f9ce11b3d5aaf63f4569632
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=1852875319.1672436285&jid=469996604&_u=aEDAAEABAAAAACAAI~&z=1835568828
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=1852875319.1672436285&jid=469996604&_u=aEDAAEABAAAAACAAI~&z=1835568828
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:05 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 29 Jan 2023 21:38:05 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8E02 		372 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Fri, 30 Dec 2022 21:38:06 GMT
446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
www.walla.co.il/public/ Frame 8E02 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:36 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38009
etag
W/"2d69-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
awFyyu0Vq1q_Fjlt_RdYJ9U56hs3U4K_JuaKNz7lOQ9iXIn57ZNWMQ==
x-cached
MISS
330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
www.walla.co.il/public/ Frame 8E02 		698 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e738c53ef449838876fe4764541af72c41a7a77123674f2df73d11872b8e2c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:35 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38011
etag
W/"ae7fe-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
n-Jalu9vvz4AuzcqXZuA7Uek0EBkSEhmfnVO_uTjLJM5cckyBFUTAw==
x-cached
HIT
player_dedd31ca649d0d1e7e30_dedd31ca649d0d1e7e30_walla.js
www.walla.co.il/public/ Frame 8E02 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player_dedd31ca649d0d1e7e30_dedd31ca649d0d1e7e30_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e88d0252b17c67a7272d2ef1c8b13481cd964a903996d7100e019b7dcf2117c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:04:35 GMT
content-encoding
gzip
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:48:56 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
38011
etag
W/"768e-18562a62dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
TftwHtq9NBWIHy8g-3A1irBlAjmvZIlUl5hldyl7K80uKbxvt-XPag==
x-cached
HIT
map-id
ledger.crowdad.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=505568ba-3354-4ee7-91e8-799d16bae297&adnxsUserId=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D505568ba-3354-4ee7-91e8-799d16bae297%26adnxsUserId%3D%24UID
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=505568ba-3354-4ee7-91e8-799d16bae297&adnxsUserId=3200286950011710416
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=505568ba-3354-4ee7-91e8-799d16bae297&adnxsUserId=3200286950011710416
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
54.194.227.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-227-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
content-length
0

Redirect headers

Date
Fri, 30 Dec 2022 21:38:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2f23f122-93e2-42f8-9271-a73396fcb6bd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=505568ba-3354-4ee7-91e8-799d16bae297&adnxsUserId=3200286950011710416
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oebu0&_p=61718290&cid=1852875319.1672436285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672436285&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 30 Dec 2022 21:38:06 GMT
server
Google Frontend
x-cloud-trace-context
16d4b1039ed4eeecb15f9ad7effba232
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
x-request-id
5420ade2-c164-48af-8e7c-0a9fd9b51a7e
x-vad-version
0.9.13

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
4c75d1e7e70bd176d84bde32d0c2fbd3
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
170717926997655
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01937047c90246a82d1916150e51461dd70214845e25a5de5c16aa5ac9b1a827
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Dec 2022 21:38:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86210
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
PRDDnU2tDRmxN2AmrP7IFT35ttobR8zAcNrb3R9ex3I2bcrVsvF5l8r/2ZohScATOPdY++wKFlMyd9UI8wAZ9Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame 1594 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
770099
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Dec 2022 21:38:06 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668B)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9868.6-2ChxL3xuylkA2kBfUNNMf0_fCIA1wnyIh9w4-UgFYgWZzhsXk4eNDMixoumD_G.8s37WcPdH4xttk8RBXYs7jWwFpQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9868.MmlSTnim_xh9DcPE7v334E3AgSTNMWuWNO_xYZn8T6WIw3RkqHlxkPASEGCVNSuyBUNjVtgUro_Fegc3P3ZooIheOMdXyiJ0Wo8KOpYrpB8%2C.27Y1bXe0mcMAh4IV_Gt31lJ78X8%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9868.MmlSTnim_xh9DcPE7v334E3AgSTNMWuWNO_xYZn8T6WIw3RkqHlxkPASEGCVNSuyBUNjVtgUro_Fegc3P3ZooIheOMdXyiJ0Wo8KOpYrpB8%2C.27Y1bXe0mcMAh4IV_Gt31lJ78X8%2C
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9868.MmlSTnim_xh9DcPE7v334E3AgSTNMWuWNO_xYZn8T6WIw3RkqHlxkPASEGCVNSuyBUNjVtgUro_Fegc3P3ZooIheOMdXyiJ0Wo8KOpYrpB8%2C.27Y1bXe0mcMAh4IV_Gt31lJ78X8%2C
date
Fri, 30 Dec 2022 21:38:06 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.co.il/
Redirect Chain
  • https://mc.yandex.co.il/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.co.il&token=9868.ASlX_JJGWrPzeggM-34oO_5qrWYGqujZEuCRFcj98J6lRphimwT3rT4uoe3AxWEO.4Y_GGvFnIoO-76-gCeylS0grhSA%2C
  • https://mc.yandex.co.il/sync_cookie_image_decide?token=9868.Ush0BD8r6plaadzhXyq0Kn1eyZQcpJcUdPask7qttjn9OV3nJeWLNhnpjSk6EyQaCRnQGwHSwiFIM50lEZoaqO1zSjzANBrVH0X5pxHtdiM%2C.S4LXhzbGKSIAKukMuYVspkBefr...
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.co.il/sync_cookie_image_decide?token=9868.Ush0BD8r6plaadzhXyq0Kn1eyZQcpJcUdPask7qttjn9OV3nJeWLNhnpjSk6EyQaCRnQGwHSwiFIM50lEZoaqO1zSjzANBrVH0X5pxHtdiM%2C.S4LXhzbGKSIAKukMuYVspkBefrw%2C
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.co.il/sync_cookie_image_decide?token=9868.Ush0BD8r6plaadzhXyq0Kn1eyZQcpJcUdPask7qttjn9OV3nJeWLNhnpjSk6EyQaCRnQGwHSwiFIM50lEZoaqO1zSjzANBrVH0X5pxHtdiM%2C.S4LXhzbGKSIAKukMuYVspkBefrw%2C
date
Fri, 30 Dec 2022 21:38:06 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
json
trc.taboola.com/1245572/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1245572/trc/3/json?tim=1672436286057&data=%7B%22id%22%3A179%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1672436286053%2C%22cv%22%3A%2220221227-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drtbee-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1672436286057%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A9%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66e05ed27b09c2db7574b1e8a237a72870d0b1c401ea03c8e35f320f1cd995cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220086-HHN
server
nginx
x-timer
S1672436286.075340,VS0,VE18
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1672436286061&cv=9&fst=1672436286061&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6175aa38a4c7d32272a12b61217f17263e0cec255021400cc41115ce5b25739f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
986
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
handshakes
khn.crowdad.io/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.92.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 30 Dec 2022 21:38:06 GMT
access-control-allow-credentials
true
content-length
0
handshakes
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.92.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Fri, 30 Dec 2022 21:38:06 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Dec 2022 07:53:53 GMT
etag
"63ae6ee1-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 30 Dec 2022 22:38:06 GMT
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:15 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37971
etag
W/"558e-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
yar2_sOGJXdjREu2IPMz0mVyCZgEdJfrpFnNrwiE59zv-HT-DkOoGA==
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=62512&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&umv=0&settings=true&recs=true&version=20109&sig=693oGBqf&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af7b837e6ec1f0ca29f0349649e969834dac8aa975e5b99310406122311bbdd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1672436286.290014,VS0,VE115
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21982-LGA, cache-vie6356-VIE
x-traceid
90796a4893762ada8b3acc2bb09f0951
accept-ranges
bytes
content-length
1142
expires
Thu, 01 Jan 1970 00:00:00 GMT
settings
syndication.twitter.com/ Frame 1594 		1 KB
734 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=ca9df5e3e3e2897a51640f50309d3b53d20a3c19
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
10fc98318d2b1839f0d1783b5dc616cc96954174df0fd185f49a5a51d6b5e361
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-response-time
106
date
Fri, 30 Dec 2022 21:38:05 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 30 Dec 2022 21:38:06 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
9af64c544ac261a4
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
42366187b06e83a95f0b2e04ef023aa61343da47b929e9d00b3d79e8c239600c
content-length
413
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1672436286061&cv=9&fst=1672434000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=3337645816&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1672436286061&cv=9&fst=1672434000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=3337645816&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b7ecc8afee61d43aff1e3d11f54ba4cd303bcd2b366f9511fc4cee1bf885248
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Dec 2022 21:38:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86269
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
joOqx9x0jPGUuyOCXSDs1i/1LVaSYDjvQrWDRKjrGHZ7pIhTOB2/uplJ9EWPyz7255Z1xLYJ3r1wzg7yBku9bA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1672436286260&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1672436286259.1677744404&it=1672436286003&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Dec 2022 21:38:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
3474627-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/3474627-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
956577cb1cd8ce2329b277b94b84245534c629dfc97e13082c19a6df18a99fe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 07:49:43 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
136103
edge-cache-tag
189731625322406006394598963561302440622,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
cache-tag
189731625322406006394598963561302440622,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
3517
x-request-id
80f95207563836c0c6adab37cb4858f0
x-served-by
cache-iad-kjyo7100132-IAD
last-modified
Thu, 29 Dec 2022 07:49:44 GMT
server
cloudinary
x-timer
S1672300183.932805,VS0,VE389
etag
"8f3deabb514ace1d408f3015ac78faac"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
5aJcs6pt2Q5ZWhUDMphodOyaUb3KB-y5IEBg-4G_4JajEOx6WRRSBg==
x-cache-hits
0
3474251-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/3474251-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
cloudinary /
Resource Hash
261212f0afe198339163c027bbff7713059a4f0b781870a45f76bb233f16f8d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 07:49:43 GMT
via
1.1 varnish, 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
136103
edge-cache-tag
333299483654075933853144967700810213658,294469140922281122699657686388755206154,d2bce9e04f88d43dd8350e859c701704
cache-tag
333299483654075933853144967700810213658,294469140922281122699657686388755206154,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
3871
x-request-id
8093af5676fed036ef50ee116fbc2482
x-served-by
cache-lga21924-LGA
last-modified
Thu, 29 Dec 2022 07:49:44 GMT
server
cloudinary
x-timer
S1672300183.749603,VS0,VE489
etag
"189f2b09df0983251939e7d46bce3dd3"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
EJwabkWec9Engm-DUiKjtuCeMbrKQw7yn0YzvN5mL0J4Ni5ZHPp7-Q==
x-cache-hits
0
play.svg
www.walla.co.il/public/assets/icons/ 		359 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/play.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
daa21d896f1bb4d044779b10b38fd7793654c8b214908be7ae812dbff9f083d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:05:16 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37970
etag
W/"167-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
359
x-cached
MISS
x-amz-cf-id
r6exYGL916Ty1k5gFvprMlidDygwZ9BYHVEK46ZWURceKjePvHWAHg==
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1672436286324&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1672436286259.1677744404&it=1672436286003&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Dec 2022 21:38:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=d83a0b72c2b2702448210111b22f8f4c_1769_1672436286358&tm=516&eT=6&wRV=20109&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:06 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
3ec4811c61be06683bcf3fcbfab079f8
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=97861&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=ZDgzYTBiNzJjMmIyNzAyNDQ4MjEwMTExYjIyZjhmNGM=&adblck=false&abwl=false&px=209&py=1247&vpd=47&cw=282&activeTab=true&darkMode=false&ab=0&wl=0&umv=0&settings=true&recs=true&version=20109&sig=693oGBqf&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ddc20c155e91de9797474a6a31b46f6cdcb6d3be6bb000638556145368949149

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1672436286.435828,VS0,VE116
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21983-LGA, cache-vie6356-VIE
x-traceid
1c3fd72f7e96943c38313c2f4b35cfa1
accept-ranges
bytes
content-length
3829
expires
Thu, 01 Jan 1970 00:00:00 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 29 Jan 2023 21:38:06 GMT
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Sun, 29 Jan 2023 21:38:06 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=7be3c6fbd72929c4d58e556d0a484583_1769_1672436286495&tm=660&eT=0&widgetWidth=282&widgetHeight=36&widgetX=209&widgetY=1256&wRV=20109&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=135&oo=true&lo=1497&odbreq=2606&odbres=2741&cet=4g&to=1672436283826&umv=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:06 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
0e7bdd26f22774e8fc402bd6d76987af
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/20109/module/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/20109/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c24bad101be9ecf42509350febb31dbe8667ba81748ca4bbe715eb14c62bceab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
gzip
last-modified
Sun, 25 Dec 2022 08:31:29 GMT
server
AkamaiNetStorage
etag
"22a52c965abe861f656e4e34ed511cc7:1671959046.256419"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13299
expires
Fri, 06 Jan 2023 21:38:06 GMT
get
odb.outbrain.com/utils/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=2079&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=ZDgzYTBiNzJjMmIyNzAyNDQ4MjEwMTExYjIyZjhmNGM=&adblck=false&abwl=false&px=536&py=5284&vpd=4084&cw=864&activeTab=true&darkMode=false&ab=0&wl=0&umv=0&settings=true&recs=true&version=20109&sig=693oGBqf&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4539c92f0440d16503e5c262109511ccb8d1972d0a606640829403c4163e2df5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1672436287.596770,VS0,VE326
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21970-LGA, cache-vie6356-VIE
x-traceid
1354339e3484113a3b8a6f4289073557
accept-ranges
bytes
content-length
10974
expires
Thu, 01 Jan 1970 00:00:00 GMT
get
mv.outbrain.com/Multivac/api/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=20109&apv=false&sig=693oGBqf&format=html&rand=24713&osLang=en-US&umv=0&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZDgzYTBiNzJjMmIyNzAyNDQ4MjEwMTExYjIyZjhmNGM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=4&lastCardIdx=0&fAB=11731-42692&layeredTestInfo=11731-42692-&dpr=1&cw=282&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/20109/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62deba681f3738ce08e984e027fe45ca07e44c2833a71e52e21f1ba76192d327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1672436287.700322,VS0,VE291
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21969-LGA, cache-vie6356-VIE
x-traceid
dc1f242c390923f058be4864b68f423c
accept-ranges
bytes
content-length
8454
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame 94AA 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:06 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 5DD0 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:06 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
1
mc.yandex.com/watch/91804681/
Redirect Chain
  • https://mc.yandex.com/watch/91804681?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
  • https://mc.yandex.com/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
435 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A297597792411%3Ahid%3A285242402%3Az%3A0%3Ai%3A20221230213806%3Aet%3A1672436286%3Ac%3A1%3Arn%3A469631235%3Arqn%3A1%3Au%3A1672436286411206565%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C71%2C44%2C125%2C338%2C0%2C%2C707%2C0%2C%2C%2C%2C1304%3Aco%3A0%3Acpf%3A1%3Ans%3A1672436283826%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672436287%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94%21%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a9573b0acc9a62e26c58b920afdd8f59ca598d212f705d4a7c7a12dc1e2a6043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 30-Dec-2022 21:38:06 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Fri, 30-Dec-2022 21:38:06 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:06 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Dec-2022 21:38:06 GMT
location
/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A297597792411%3Ahid%3A285242402%3Az%3A0%3Ai%3A20221230213806%3Aet%3A1672436286%3Ac%3A1%3Arn%3A469631235%3Arqn%3A1%3Au%3A1672436286411206565%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C71%2C44%2C125%2C338%2C0%2C%2C707%2C0%2C%2C%2C%2C1304%3Aco%3A0%3Acpf%3A1%3Ans%3A1672436283826%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672436287%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94%21%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://www.walla.co.il
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 30-Dec-2022 21:38:06 GMT
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sun, 29 Jan 2023 21:38:06 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=0fd1c80e14555cddae0ccded850a2a47_1769_1672436286866&tm=1036&eT=0&widgetWidth=864&widgetHeight=259&widgetX=536&widgetY=5284&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=286&oo=true&lo=1497&odbreq=2766&odbres=3117&cet=4g&to=1672436283826&umv=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:06 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
8e23e430db2f33f168766247556e62db
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=45953&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=ZDgzYTBiNzJjMmIyNzAyNDQ4MjEwMTExYjIyZjhmNGM=&adblck=false&abwl=false&px=537&py=12302&vpd=11102&cw=863&activeTab=true&darkMode=false&ab=0&wl=0&umv=0&settings=true&recs=true&version=20109&sig=693oGBqf&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
365635ceaa786b70d9d42a90eed7f2ede4b2aca69682a1a358ea934ff69f577d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 30 Dec 2022 21:38:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1672436287.176791,VS0,VE114
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13622-LGA, cache-vie6356-VIE
x-traceid
4822a44d24bfaf3e73cf81a2f995550d
accept-ranges
bytes
content-length
3986
expires
Thu, 01 Jan 1970 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
content-type
application/javascript
cache-control
max-age=84078
accept-ranges
bytes
content-length
82748
x-xss-protection
1; mode=block
expires
Sat, 31 Dec 2022 20:59:25 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84da8714ed2dc7517b5f011504350ec999762f66d7a4bb7ea5f1a7aaa1226ccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
781debab2aae6925-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		0
0
localstore.js
script.4dex.io/ 		483 B
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 21:38:07 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
536815
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQiR9jYKYuJfRLtnvY%2BXShQ%2FXq5suqsNBHRGgP9b7WCvIyVJYgRL2SxAx9Js%2BYjWkucQao%2F1XviGZxGm%2Fc6EBY6bxr6tKie5SHF6Hrkmb8gvaoGZiv0iLROqYoBe5wqE2IeTgTlKAuG6zZqL"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
781deba9faf09225-FRA
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.115.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-115-255.compute-1.amazonaws.com
Software
/
Resource Hash
1939b1a114c6d1b00675720092c351ee23bca23bd5625b9a0366083200f1aba5

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.walla.co.il
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
auction
tlx.3lift.com/header/ 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.162.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-162-40.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
mp.4dex.io/ 		114 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf2c122a9e3226be81f21349493c9809147042db5ad6bf7f480504e18e398ff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 30 Dec 2022 21:38:07 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
781debaa3bae9b49-FRA
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=26170822812
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2237c6b11607c974f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22domain%22%3A%22walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22389fb181c49349b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%22403be5f53e7a54b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%224131b57662731fa%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%7D%7D%2C%7B%22id%22%3A%224292e9533173aa9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5726a0b5bc698eb03d9e2887d1da2f374424ad82e74b82a94613f39dc0b434

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1so8HtD3wE3Bajvh9rEHggSLc93miv36J2tkapsj78JlcDSxjU0Yg2WyT1aSu5SL4aHkYUDZLC5NO6YSWVcpX6iPdEmo1%2Bdl%2B55nXfFOMnK59GKAZT%2FqHCSVWd17GFl31xPgeP5g"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
781debaa492bbb47-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		416 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=e111cda9-ef47-4bd5-822e-f8b6022b2477&l_pb_bid_id=44530b9683fbfd5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.447369027406165
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
20b0c8ca5c8236ce3f780c221a69578a6eff064f86a600eafdc7c79e21041e01

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		402 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=0b32c907-231a-4489-ba45-5e2ca0459110&l_pb_bid_id=4575fd514dd3382&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.2718015266243119
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c62fbb30c48617456cfc5496687255dfa8829988b79ef92528521074bd0a7fe1

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
402
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		398 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.29.3&x_source.tid=7c19371a-ad31-4521-82f9-367587dccef5&l_pb_bid_id=463d163637c1c53&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.8525094898288499
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6ba6f5e114a6bc23e759052973c8d0c4218da2cf2ef8ce4985a594d251c8cdf9

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		409 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=fb49949f-97bd-424a-b92a-6d212eb556a6&l_pb_bid_id=47f1c93b7244f0e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.8100127358747389
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c9aada91f2482454e0d7f999da9846878fd083bd451e4e64aa22fc0280b88987

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
409
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		892 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d7982fc691697ffa91d23be7e3a2e2c7b6c4fe9e3ba961f9b19f31d1ab9749b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
93
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
892
expires
0
prebid
ib.adnxs.com/ut/v3/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1d13410c9b439f7d24cbaf04e174d839bfebc99fe34dfca02729c8ae2ee511e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Dec 2022 21:38:07 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ef6ae08c-bc2a-4a40-9859-091908eb30b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5f8987cc45bc5b684562f8a6c034377a17c2a3b18a51b1179eae00e801753cef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:07 GMT
AN-X-Request-Uuid
5709f25f-cecb-47d8-9336-eea714bc8912
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
471
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 30 Dec 2022 21:38:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
u.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e111cda9-ef47-4bd5-822e-f8b6022b2477%2C0b32c907-231a-4489-ba45-5e2ca0459110%2C7c19371a-ad31-4521-82f9-367587dccef5%2Cfb49949f-97bd-424a-b92a-6d212eb556a6&nocache=1672436287030&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-6&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c2eb15e8924d18fcbe6982d873358c311b13f8d66fcca3c448107661975b158e

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
781debaa390c6925-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
781debaa39106925-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
781debaa39136925-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
781debaa39176925-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid
ap.lijit.com/rtb/ 		28 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
88113b8b66244f416ece6d808a0d3ea6caf148491535adb5ce0e0eb472a846e6

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Dec 2022 21:38:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		99 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=436112790262561&correlator=4106786553994450&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403616%2C581680297%2C3350566118%2C627877340%2C4035892786%2C2413266993%2C3423946703%2C941261747%2C3384287594%2C2655517678%2C199863102%2C41169729%2C2603141497&didk=1193244743~1193244742~1193245112~1193245116~1193245119~1193245118~2997460807~2997460804~2997460805~2997460802~2997460803~2997460800~2997460801~2997460814~2997460815~2997460812&sfv=1-0-40&ists=4095&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1672436287047&lmt=1672436287&dlt=1672436284301&idt=703&adxs=200%2C920%2C200%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C1232%2C3578%2C12382%2C12382%2C12382%2C12382%2C12382%2C12382%2C12382%2C12382%2C12382%2C12382%2C12382%2C12382&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C864x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C864%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1852875319.1672436285&ga_sid=1672436287&ga_hid=61718290&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3cb62a20dd9fa5668e7acc5e4833ea943b445fd555b1bd9114e8674c94dbbb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26854
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-2,38340105,38284305,38363625,-2,-2,-2,-2,-2,-2,-2,38240625,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-2,68907848985,68907848985,68907848985,-2,-2,-2,-2,-2,-2,-2,68907848985,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73DC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:07 GMT
expires
Sat, 30 Dec 2023 21:38:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9868.H8GvNupvOFolJs38mvcmDCte1RO8oeo5OjbhX3iKaDhystEbTvjIjjlvj_rxua5h.70jbZOyHJ9Q8yudDhbmH1caFK6E%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9868.65RZYYlCWqIglrNc60tCYqrrdrMLv3nZP0jmjyJeJqjNIvSroJk4ZMt-tBGPb4KUJgnTkYEnVWnvINTzXYqS4RsVRi8gIcD6JC_TGJTPwcY%2C.D_-Pk7P7SxLepy8BPJ...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9868.65RZYYlCWqIglrNc60tCYqrrdrMLv3nZP0jmjyJeJqjNIvSroJk4ZMt-tBGPb4KUJgnTkYEnVWnvINTzXYqS4RsVRi8gIcD6JC_TGJTPwcY%2C.D_-Pk7P7SxLepy8BPJ2BbFeqVzc%2C
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9868.65RZYYlCWqIglrNc60tCYqrrdrMLv3nZP0jmjyJeJqjNIvSroJk4ZMt-tBGPb4KUJgnTkYEnVWnvINTzXYqS4RsVRi8gIcD6JC_TGJTPwcY%2C.D_-Pk7P7SxLepy8BPJ2BbFeqVzc%2C
date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide_secondary
mc.yandex.co.il/
Redirect Chain
  • https://mc.yandex.co.il/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.co.il&token=9868.bDINv97u4issZbC9baRjz25kRDNN8ZwxYFgIOzUKWXomQIKF1-Ogt6eKYGbkVNr3.zDMr5TynLv1pfwAxGnozM9UsgBs%2C
  • https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9868.aCPijmwA5aAQ5o9xHogtuwGj-o-ikDaC_N3-FNwJpqna9t3oiI8W9Tp2ASAccO6FVOs-NnJ2QSW4iXFYSVCrUyCaYKj6l2iXU0fzc3BOxIU%2C.uFzmZ-k34aluSPqh...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9868.aCPijmwA5aAQ5o9xHogtuwGj-o-ikDaC_N3-FNwJpqna9t3oiI8W9Tp2ASAccO6FVOs-NnJ2QSW4iXFYSVCrUyCaYKj6l2iXU0fzc3BOxIU%2C.uFzmZ-k34aluSPqhHzNRh_1nV4Y%2C
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9868.aCPijmwA5aAQ5o9xHogtuwGj-o-ikDaC_N3-FNwJpqna9t3oiI8W9Tp2ASAccO6FVOs-NnJ2QSW4iXFYSVCrUyCaYKj6l2iXU0fzc3BOxIU%2C.uFzmZ-k34aluSPqhHzNRh_1nV4Y%2C
date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 21:38:07 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NB9RMWYS9P8BJMQ5
Age
647347
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
2Ndtz8v11YNi+qJthU2d1au/D384dCV5yBDmpljGUGtv09ot2GGgx+KNqDHBDlfwiRrE4Y4jvH8=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiwN2UBK1W2sXHokAuqapadwX2zbj2OdeWrrwFHPRKMm9dyEFccsg%2BnZH%2B2oGTsG6T%2FgomdOrg5x%2BmV8LeBi1ybLIAK8EsTOP64LhfY%2BoOoxxmrV71IValk3cwNLJ%2FS%2F8eSQdAfNG9D0Uf2N"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
781debac1c759bbf-FRA
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/20109/module/ 		503 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/20109/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ae7d078e18a6ce17c1810177f9573f029353e5f7c19fcb0de5343a5229394358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
last-modified
Sun, 25 Dec 2022 08:31:29 GMT
server
AkamaiNetStorage
etag
"2be556c89dd9cd766f84d77439b2c183:1671959041.50359"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Fri, 06 Jan 2023 21:38:07 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=dc69bdb401f5702c66d7f1ead816ac4c_1769_1672436286938&tm=1260&eT=0&widgetWidth=282&widgetHeight=514&widgetX=209&widgetY=1297&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=213&oo=true&lo=1497&odbreq=2606&odbres=2741&mvreq=2831&mvres=3339&re=3341&cet=4g&cs=1&to=1672436283826&umv=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:07 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
b88e225181e251e2709b8f9006db1fbd
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
eyJpdSI6IjY5OGFiMjQxMjg0OTg5MTFmODI0ZWE4YTk5NjZmMGY3YzQwNDJmOTg2MjA3N2E3Yjk5NWNmYTJiNDgzOTBkNGMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY5OGFiMjQxMjg0OTg5MTFmODI0ZWE4YTk5NjZmMGY3YzQwNDJmOTg2MjA3N2E3Yjk5NWNmYTJiNDgzOTBkNGMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75b18148f54ba541195c7292613bb2a228d482099ba946396d295a698c0c4c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
last-modified
Sat, 17 Dec 2022 10:56:12 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2326841
access-control-allow-credentials
false
x-traceid
47f6a6c3459b695c90bd32c53421070f
timing-allow-origin
*, *
content-length
15014
eyJpdSI6IjVhNTIxNTg2MTUwY2U4ODY3MTRmN2Q4NzQyODVkY2RmODUyOWEzZTlhYjVmMjA3OGU5ZDBiMTk2OTE5ZjhhZTEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVhNTIxNTg2MTUwY2U4ODY3MTRmN2Q4NzQyODVkY2RmODUyOWEzZTlhYjVmMjA3OGU5ZDBiMTk2OTE5ZjhhZTEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24451e152f79311470db90cb2d79c177653f5f53d7f64dce9bedc7976e1b804e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
last-modified
Tue, 22 Nov 2022 14:43:51 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=355947
access-control-allow-credentials
false
x-traceid
5dc88741c8209c96d6fda9749d4396e7
timing-allow-origin
*, *
content-length
27706
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=7c3712b7c85d13d2a9802ee7cc532bfa_1769_1672436287238&tm=1401&eT=0&widgetWidth=863&widgetHeight=41&widgetX=537&widgetY=12310&wRV=20109&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=357&oo=true&lo=1497&odbreq=3125&odbres=3482&cet=4g&to=1672436283826&umv=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:07 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
860dd85fafbec360ab4b18b5f4bf4db9
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=4&rand=16389&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=ZDgzYTBiNzJjMmIyNzAyNDQ4MjEwMTExYjIyZjhmNGM=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&umv=0&em=1&settings=true&recs=true&version=20109&sig=693oGBqf&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f72c11ac8904011bb2f28611a8feee3812ba14cc1234a0ef58d23e0236db4308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 30 Dec 2022 21:38:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1672436287.325022,VS0,VE270
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21983-LGA, cache-vie6356-VIE
x-traceid
375499bbbbdf79b69890f311b6089ec7
accept-ranges
bytes
content-length
15938
expires
Thu, 01 Jan 1970 00:00:00 GMT
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"65df986ae65cffdf92a926e7c42a25a8:1662969047.139727"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
12268
expires
Sun, 29 Jan 2023 21:38:07 GMT
get
mv.outbrain.com/Multivac/api/ 		125 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=20109&apv=true&sig=693oGBqf&format=html&rand=57920&osLang=en-US&umv=0&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZDgzYTBiNzJjMmIyNzAyNDQ4MjEwMTExYjIyZjhmNGM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=5&lastCardIdx=0&fAB=11741-81572&layeredTestInfo=11741-81572-&dpr=1&cw=863&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/20109/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f283ca348f0ccbec94d0a158a6ea51415c85c03c7ea530f59eee2931d0a7201

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1672436288.566222,VS0,VE971
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21953-LGA, cache-vie6356-VIE
x-traceid
8ce8f9bef58f5bb34dd0d4e9c6cdbba9
accept-ranges
bytes
content-length
31494
expires
Thu, 01 Jan 1970 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
3044072
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
781debad2ddd6925-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
container.html
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4BBD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:07 GMT
expires
Sat, 30 Dec 2023 21:38:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 23A2 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 23A2 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 23A2 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:06 GMT
age
172921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:06 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 23A2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 23A2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
truncated
/ Frame 23A2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c004ce7fb2b9890ab174767a6d871e8ff7c7061fecb22cb603ce3e3753ed9a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
container.html
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 127C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:07 GMT
expires
Sat, 30 Dec 2023 21:38:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 37BD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:07 GMT
expires
Sat, 30 Dec 2023 21:38:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2E95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:07 GMT
expires
Sat, 30 Dec 2023 21:38:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE5F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:07 GMT
expires
Sat, 30 Dec 2023 21:38:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1400970162047593958
tpc.googlesyndication.com/daca_images/simgad/ Frame 23A2 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/1400970162047593958
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c794d520f6ea3bac6be170207cda9f8f314f056625c58a7dc3a6494d45094d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:40:21 GMT
x-content-type-options
nosniff
age
233866
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95423
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 02:23:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Dec 2023 04:40:21 GMT
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 23A2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 18:59:43 GMT
x-content-type-options
nosniff
server
cafe
age
9504
etag
415739381108731362
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2712
x-xss-protection
0
expires
Sat, 31 Dec 2022 18:59:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 23A2 		344 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:36:06 GMT
x-content-type-options
nosniff
server
cafe
age
121
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 31 Dec 2022 21:36:06 GMT
l
www.google.com/ads/measurement/ Frame 23A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJ24yW6vXq8sdJEdDYnkux6wMsFvLB2pBygie0vpR9OS4JmH5JpzBxvREM-12eD6NoAQstvZ0NMI3famDXSxtzxlzqOQ
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 23A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwoFXP1qvY6TlC-GP9u8PwK2hmAKbnI_7bf3Zoqy2DsyP2IHwBRABINGTwypglZKWgqgHoAG5-p_UA8gBAqkCzq7JzoZOoj7gAgCoAwHIAwiqBPMBT9A_ASOuI08Tdc0s4K70mu2IKQPka5XP12PIRss17Fm6BrFISJiYGbHNomPrngtU7kqhMKett6WG8bZA6iSya-7aRwNJofgYc5yNmQQsxKgssl8JvJClJpx3p8CG1fldiRxKWzHkTVY9E2ciSpi3OILIQQ2zoBiOdlAgJTgKKcR68HWcc1cnxXq8kLF9qadUOGmqli_Kdnb0pLABdI987vyOntHIoHYbO77GDDmUxbLAd9P77GVT5yE1l1L8s4nX68drPrF07opZPJLanXSaoUhwUIUg1aLHai9EHDN85NoQtuhFP7NWjBiFNAU9KvINnJbAwASwo-GP8gPgBAGSBQQIBBgBkgUECAUYBKAGAoAHr4XgK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIiNBtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=qMPikR00-9A&uach_m=[UACH]&cid=CAQSOwDq26N9Xvgxx_duhrPusOp1QVN9Q__Yuoa_OuSXm4aGDoQOo7z-53sswVgfNGW1Usv3SqGENYuwCusMGAEgEw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
unip
trc-events.taboola.com/1245572/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=1664&scd=9&ssd=1&est=1672436286055&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1672436287719&vi=1672436286053&ri=2fa96b367b2bab35add0b6e384543a82&ref=null&cv=20221227-23-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
drop_cookie_sw.php
csync.smilewanted.com/ Frame 6A22 		0
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debaef8986925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:07 GMT
server
cloudflare
vary
Accept-Encoding
bb9fb5a7573c62c95bbe69fa91fcf756
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 1DFD
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/bb9fb5a7573c62c95bbe69fa91fcf756?gdpr_consent=&gdpr=0
0
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/bb9fb5a7573c62c95bbe69fa91fcf756?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debb0bb616925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:08 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 30 Dec 2022 21:38:08 GMT
Expires
Fri, 30 Dec 2022 21:38:08 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/bb9fb5a7573c62c95bbe69fa91fcf756?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1672436288054021-425
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 127C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
172952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Dec 2023 21:35:35 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 127C
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstjEXFWDG2IkRck8uM9hrh_FpR9gqnchTfsgi9DvUC3d6muhf3PpUzz2LEf_AdQyYSIjv1rHpgELxBBpQKqWV74I5E5-IYQJ28kXKzVGf2bbIO6LE9MLO5j2duTlpmf9XHqJ9AhY...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 16:58:56 GMT
x-content-type-options
nosniff
age
189552
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Dec 2023 16:58:56 GMT

Redirect headers

date
Fri, 30 Dec 2022 08:21:58 GMT
x-content-type-options
nosniff
server
cafe
age
47769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 29 Jan 2023 08:21:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2E95 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
172952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Dec 2023 21:35:35 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 2E95
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssyYfCdfE3B-ugycNBcrVo0trmyKOYHFCj2kCVed2X15zXclL9PZq4If7fQoPH6wzA7ly4I43h17vVZpiVbYY0uzpBgXTzLJIdLHicnr-ZUSoTNnHGYu26zZiJPiL0F2mwqP8QwQ...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 16:58:56 GMT
x-content-type-options
nosniff
age
189552
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Dec 2023 16:58:56 GMT

Redirect headers

date
Fri, 30 Dec 2022 08:21:58 GMT
x-content-type-options
nosniff
server
cafe
age
47769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 29 Jan 2023 08:21:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 37BD 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
172952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Dec 2023 21:35:35 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 37BD
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstmm9am5cKD43iYodoTLjDx3HjuPZMVLeUPp_X--5AoUYqmRPUPTtMw4GiiN_5RMJrYcylFZflWkWdpm6oTpp5KLS_dtPrmEfuQ0AhtjxMs5Lw381FANIo7OhFiDwlop-ZrO2SSW...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 16:58:56 GMT
x-content-type-options
nosniff
age
189552
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Dec 2023 16:58:56 GMT

Redirect headers

date
Fri, 30 Dec 2022 08:21:58 GMT
x-content-type-options
nosniff
server
cafe
age
47769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 29 Jan 2023 08:21:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FE5F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
172952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Dec 2023 21:35:35 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame FE5F
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstFHYXQtE-GLSICHU0jn119CxQcfaLb4gRHyJJsQ81dieFE4GFxPAChqqJ07mH33KPiVJFX9WFOc95GcEivMQDoCy8VbCnlE-QgrJyXTGJknRpkuZIEnUNUOR780bjuP4u2CgtaY...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 16:58:56 GMT
x-content-type-options
nosniff
age
189552
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Dec 2023 16:58:56 GMT

Redirect headers

date
Fri, 30 Dec 2022 08:21:58 GMT
x-content-type-options
nosniff
server
cafe
age
47769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 29 Jan 2023 08:21:58 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4BBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQD-QP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgTxAU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnrKrWlyv6kwjkjnNiSAE4AwgUofmAD5Eok-1LnzJOdaiA35bj97prgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=1otEZGa0o20&uach_m=[UACH]&cid=CAQSOwDq26N9Xvgxx_duhrPusOp1QVN9Q__Yuoa_OuSXm4aGDoQOo7z-53sswVgfNGW1Usv3SqGENYuwCusMGAEgEw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 4BBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k7KVELr5RMoH3gKdg2ICAgAAAERKsbLBpQHOUwfGnGMh-yoQPlqvY1zQSzW2PZKMUnobABIAAA&wp=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
277830
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 500C 		212 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
96d28c27562409884f9c94ff00b93b7ca975b3c81cbf9640fb2bb43604f60414
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:07 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7EzAXiUfU-nAphLjgDaqM2szra-7GaF6YL3Z9PrzSVOEGhpC79rXtqr5Ky9j-SzOoIhn4hZEBs7tqM1wgPp2Xfw_gm82TTj5x7KWPn-yKbsmO_S_FO3kVp7r7bHn8xnmWXpCyoJb2SIjcQcswHL6jt3FaHYxmFGSMG3rycl_FSUZWuvQdMEG4XhYWfCSchGbynlGkscgA05Fl3AQ9eGnpasLBfx6xiNZnhwfSlr5_ac3KGTKhAW5tHVEOdkhwJrTjdBIvQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
139433234
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4BBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 21:35:44 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BEDB 		1 KB
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Sat, 31 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4BBD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:35:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 21:35:43 GMT
l
www.google.com/ads/measurement/ Frame 4BBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnsaDkUiTNZ_vfD7no2dND48p3lln2uAV6HVfUPCGeb4qZp7fUZ2B0zvrxxhKK10dPYOls40acysirn5v8gF1KDomqaQ
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4BBD 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
172952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Dec 2023 21:35:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BBD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 21:38:08 GMT
v1
match.sharethrough.com/universal/ Frame 47C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.251.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-251-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
smw888.gif
us.ck-ie.com/ Frame A864 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 30 Dec 2022 21:38:08 GMT
Server
nginx
si
googleads.g.doubleclick.net/pagead/drt/ Frame 23A2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Redirect headers

date
Fri, 30 Dec 2022 21:38:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
events
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.92.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Fri, 30 Dec 2022 21:38:07 GMT
events
khn.crowdad.io/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.92.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-92-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 30 Dec 2022 21:38:08 GMT
access-control-allow-credentials
true
content-length
0
mePzQPnS5M0kUWiLFV3a
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame D825
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted&tc=1
0
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debb3c9016925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:08 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 30 Dec 2022 21:38:08 GMT Fri, 30 Dec 2022 21:38:08 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted&tc=1
pragma
no-cache
pixel
cm.g.doubleclick.net/ Frame BEDB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKfFKCpc5FVRIPGP7C5hqwo&google_cver=1&google_push=AavPq0N8zA522HahhTnGMvCNgSki4KDz45agHEvMhRrTlGV7wUgah6G3U9uWBa5t5Taqlfjd5RRepjs_MratlqB2...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N8zA522HahhTnGMvCNgSki4KDz45agHEvMhRrTlGV7wUgah6G3U9uWBa5t5Taqlfjd5RRepjs_MratlqB2dmfdQYXDlMw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N8zA522HahhTnGMvCNgSki4KDz45agHEvMhRrTlGV7wUgah6G3U9uWBa5t5Taqlfjd5RRepjs_MratlqB2dmfdQYXDlMw
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 30 Dec 2022 21:38:08 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N8zA522HahhTnGMvCNgSki4KDz45agHEvMhRrTlGV7wUgah6G3U9uWBa5t5Taqlfjd5RRepjs_MratlqB2dmfdQYXDlMw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Dec 2022 21:38:07 GMT
pixel
cm.g.doubleclick.net/ Frame BEDB
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGYiVvkc-eyjjyJI37wXNjc&google_cver=1&google_push=AavPq0PAvNnfMoUG1HSmkiNhoBTHC-PF2M9CZHw3lI5P8qsXOiZOOQte9i-HUbwebrDj8_dF3X5I2ukbxlH...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PAvNnfMoUG1HSmkiNhoBTHC-PF2M9CZHw3lI5P8qsXOiZOOQte9i-HUbwebrDj8_dF3X5I2ukbxlH7opqrhwgkC7tVXWpt&google_hm=fw6fG3lUSaSsPsettiscLCk
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PAvNnfMoUG1HSmkiNhoBTHC-PF2M9CZHw3lI5P8qsXOiZOOQte9i-HUbwebrDj8_dF3X5I2ukbxlH7opqrhwgkC7tVXWpt&google_hm=fw6fG3lUSaSsPsettiscLCk
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PAvNnfMoUG1HSmkiNhoBTHC-PF2M9CZHw3lI5P8qsXOiZOOQte9i-HUbwebrDj8_dF3X5I2ukbxlH7opqrhwgkC7tVXWpt&google_hm=fw6fG3lUSaSsPsettiscLCk
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BEDB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN99smnlqI6dBaYzCARkzJM&google_cver=1&google_push=AavPq0OMDrnmXw4asvI4AswvZUFP79ASN6dgWgIp7oXKFqcCAokc04IdJ4JKtrl1yBXd8tNpz6slY8jTiAbEDb...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MzA1OTE2MTYxMzkyNDUwNA%3D%3D&google_push=AavPq0OMDrnmXw4asvI4AswvZUFP79ASN6dgWgIp7oXKFqcCAokc04IdJ4JKtrl1yBXd8tNpz6slY8jTiAbEDburar...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MzA1OTE2MTYxMzkyNDUwNA%3D%3D&google_push=AavPq0OMDrnmXw4asvI4AswvZUFP79ASN6dgWgIp7oXKFqcCAokc04IdJ4JKtrl1yBXd8tNpz6slY8jTiAbEDburarCYO8QfCTH7
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MzA1OTE2MTYxMzkyNDUwNA%3D%3D&google_push=AavPq0OMDrnmXw4asvI4AswvZUFP79ASN6dgWgIp7oXKFqcCAokc04IdJ4JKtrl1yBXd8tNpz6slY8jTiAbEDburarCYO8QfCTH7
Date
Fri, 30 Dec 2022 21:38:08 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame BEDB
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDq5Ml_OCEj9u9LzoFxeJPo&google_cver=1&google_push=AavPq0NrWPI7az4Dh_zPuN9u-JUxxl8wzTLfp6IeS-8_GDhs9SLG0CQv28QJrGIyKUiGtt7SH-pQoOeT13YLpun8...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZmpfA99UTgG89S7dVJDkog2&google_push=AavPq0NrWPI7az4Dh_zPuN9u-JUxxl8wzTLfp6IeS-8_GDhs9SLG0CQv28QJrGIyKUiGtt7SH-pQoOeT13YLpun8qAi7lwkKYpB6
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZmpfA99UTgG89S7dVJDkog2&google_push=AavPq0NrWPI7az4Dh_zPuN9u-JUxxl8wzTLfp6IeS-8_GDhs9SLG0CQv28QJrGIyKUiGtt7SH-pQoOeT13YLpun8qAi7lwkKYpB6
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 30 Dec 2022 21:38:08 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ZmpfA99UTgG89S7dVJDkog2&google_push=AavPq0NrWPI7az4Dh_zPuN9u-JUxxl8wzTLfp6IeS-8_GDhs9SLG0CQv28QJrGIyKUiGtt7SH-pQoOeT13YLpun8qAi7lwkKYpB6
x-host
tde-deliveryengine-production-769c9db745-hs2nq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame BEDB
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM2kwut4dEVLefYl-FuUWLY&google_cver=1&google_push=AavPq0Nn4g0hQfbkOfchB7kuUr0LYCrq38_E39UFiVXG2adi3lsOdrfblYtr-TbQ6DCEsS34iI5W44Z7GhVSF2xN0...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM2kwut4dEVLefYl-FuUWLY&google_cver=1&google_push=AavPq0Nn4g0hQfbkOfchB7kuUr0LYCrq38_E39UFiVXG2adi3lsOdrfblYtr-TbQ6DCEsS34iI5W44Z7GhVSF2xN0...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0Nn4g0hQfbkOfchB7kuUr0LYCrq38_E39UFiVXG2adi3lsOdrfblYtr-TbQ6DCEsS34iI5W44Z7GhVSF2xN0ndR98N22gA&google_hm=F55SsGZHXauzJYlqT82YvANk
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0Nn4g0hQfbkOfchB7kuUr0LYCrq38_E39UFiVXG2adi3lsOdrfblYtr-TbQ6DCEsS34iI5W44Z7GhVSF2xN0ndR98N22gA&google_hm=F55SsGZHXauzJYlqT82YvANk
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 30 Dec 2022 21:38:08 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0Nn4g0hQfbkOfchB7kuUr0LYCrq38_E39UFiVXG2adi3lsOdrfblYtr-TbQ6DCEsS34iI5W44Z7GhVSF2xN0ndR98N22gA&google_hm=F55SsGZHXauzJYlqT82YvANk
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame BEDB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDKHsuJYdCWtbV_J0pF-s9s&google_cver=1&google_push=AavPq0PIa4CKoQfekCYgM1aXU5fzKlBOiTY6Db25SC7p3-Ae0jSpYBC_6FHHbYVtSRqctPnmmg3O-nYCce3wh8AKO7-B9GSfjf4
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PIa4CKoQfekCYgM1aXU5fzKlBOiTY6Db25SC7p3-Ae0jSpYBC_6FHHbYVtSRqctPnmmg3O-nYCce3wh8AKO7-B9GSfjf4...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE3NDQyMDg3MzAzNDYwNjk0NDY2MQ%3D%3D&google_push=AavPq0PIa4CKoQfekCYgM1aXU5fzKlBOiTY6Db25SC7p3-Ae0jSpYBC_...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE3NDQyMDg3MzAzNDYwNjk0NDY2MQ%3D%3D&google_push=AavPq0PIa4CKoQfekCYgM1aXU5fzKlBOiTY6Db25SC7p3-Ae0jSpYBC_6FHHbYVtSRqctPnmmg3O-nYCce3wh8AKO7-B9GSfjf4
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE3NDQyMDg3MzAzNDYwNjk0NDY2MQ%3D%3D&google_push=AavPq0PIa4CKoQfekCYgM1aXU5fzKlBOiTY6Db25SC7p3-Ae0jSpYBC_6FHHbYVtSRqctPnmmg3O-nYCce3wh8AKO7-B9GSfjf4
date
Fri, 30 Dec 2022 21:38:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
report
sync.teads.tv/um/ Frame BEDB
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFhI9bx3D2y3QAE3kL3hnwM&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PboMQUhZ4_1Eeo94FqnUnXUp2uIdB03e83-2sxHdWhQ-Aa-5DCiZNauY8uLrgcGNm4eU9SJkvNU9sRPD8TJ0nohONbzF3ohw
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

expires
Fri, 30 Dec 2022 21:38:08 GMT
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BEDB 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lx-6GX5wf_qwJyk_OzUDEc1RNk3akfKB3v3PTx9u1RIBD14yC_QHDq9tyVoPER2rMgmSMWWA
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 4BBD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e7e243c8e4c50b99a9dd5db1232ffbc2214f0d7f5a4b54fc6640b221a3fad1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FE5F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5d4b9ddd158d28c62174a7a874687e9bf1b0868ec665540914450c5bae728fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 127C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1505ed2d0f1a7fdc9ed990be2c46892b93816a2e01d9cf1e9a7162fef74c05ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
setuid
ib.adnxs.com/prebid/ Frame 6FF2
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
b0ae6003-ada9-4472-ae29-b584e3376abb
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Dec 2022 21:38:08 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debb03a886925-FRA
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:08 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
server
cloudflare
truncated
/ Frame 2E95 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07ae4a00b167f3ca5ccec4c5ae8f5110e1838fcd8630f6aa0d5ee9c968c3c83d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 37BD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cba03c2e7e93f6351c5f47a6e0ce808cf656d33b9aebe39ee1de6a41e2acdca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
walla.json
www.walla.co.il/public/player-config/ Frame 8E02 		111 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_dedd31ca649d0d1e7e30_dedd31ca649d0d1e7e30_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.171.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-171-125.dub56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:07:36 GMT
via
1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Dec 2022 10:46:16 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
DUB56-P1
age
37832
etag
W/"6f-18562a3bcc0"
x-cache
Hit from cloudfront
content-type
application/json; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
111
x-cached
HIT
x-amz-cf-id
79ZqgA27zgiyyI9qO9pWVVefltZQt-_1Q6Mekiujc_IX-vhQ3mStEw==
connectmyusers.php
cdn.connectad.io/ Frame 3D39 		1 KB
824 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
781debb27fb62c02-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:08 GMT
server
cloudflare
getuid
sync.smartadserver.com/ Frame C155
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 30 Dec 2022 21:38:07 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Fri, 30 Dec 2022 21:38:08 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
8ec0f249-cb91-4db9-91e2-a12f62f45b16&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 9375
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/8ec0f249-cb91-4db9-91e2-a12f62f45b16&partner_id=1010
0
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/8ec0f249-cb91-4db9-91e2-a12f62f45b16&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debb21ded6925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:08 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 30 Dec 2022 21:38:08 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/8ec0f249-cb91-4db9-91e2-a12f62f45b16&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame FCB4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
privacy_small.svg
static.criteo.net/flash/icon/ Frame 500C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:08 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 500C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:08 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 500C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Dec 2023 21:38:08 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 500C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Dec 2023 21:38:08 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 500C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=_hAH-WWdd-aiho5unzzSitl4fPEHDkvfCCWf1NduMzkVjjSXlflg2PERAoiBNFRiwjLh92iG3wf1HHf48t_HHfZh4lbYiYEo1KkEpGvjQDymHRBC2XJImk14dTbNzCgCOHHDAfDGi0hwtBLJyKNbI6uYF-ugKGl73B9c2ezVjNALtB9OxQUt18nUuNoupTfACEkYcKls693B4CQBeYkTtIYqpdd5R6PTZWVDZOBMth79-TqlSTT9-6I9NyMQP-n9GR0HcW_i_hHaewLET_jxZbZ3qm96XcDkZP_TWAGOBARwx7r785Mtp5XuPm7pE9ryLzu-2bZ8wlfDoSe1f6H6H6C6xgoB1RPj5bKe_U5KETcZfG8pJn6dAbFqgft7HJEUmPwtPOb4SAsLyyeiMqVH79s-Skrrp5QHZMPzIcym17SAYPt0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3002574
expires
Mon, 26 Jul 1997 05:00:00 GMT
ai.aspx
m.exactag.com/ Frame 500C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=63af5a3fee43697774c95ed63780a120
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 30 Dec 2022 21:38:08 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Fr, 30 Dez 2022 09:38:08 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.eu.criteo.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1051
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8880 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50369
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 30 Dec 2022 21:38:08 GMT
expires
Sat, 31 Dec 2022 11:37:37 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 500C 		2 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:04 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e0-8a8"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:08 GMT
sourcesanspro-700.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 500C 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:06 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e2-8a8"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:08 GMT
animejs.js
static.criteo.net/animejs/ Frame 500C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:08 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=696&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Ff72c9b427a974b29a26231c07646f1bb_breuninger_de_all.png&v=3&w=196&s=VuCEdL4MZgckxZSrR_PgzcgN
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
34105da8973bdef5f096304c920c976eb20007ca983f322b4d1768d9bba9d1ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30782303
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9836
expires
Fri, 22 Dec 2023 04:16:32 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F7%2F100132042412000_0_1657278868747.jpg&v=3&w=800&s=u1tw4e2yV8X4NUq9Dr8-blD6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f5c4506feee7f9d8f1b68d1ce4de55a7696f49c431319cb572fe2e9c0de5a988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=6201029
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4956
expires
Sun, 12 Mar 2023 16:08:38 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F2%2F100131958119000_0_1644246446553.jpg&v=3&w=800&s=6S_a8Gns60sFAYJ0mPq9LLZJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ea2a0a80b745b1872b2f7357d9f763c212e53f30edd6f73ea6047e2da573dea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5216293
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4172
expires
Wed, 01 Mar 2023 06:36:22 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F8%2F100135834613000_0_1660902425555.jpg&v=3&w=800&s=uS9aSoH4p3SBok1LxGhgt_-4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
016e581f41313187d93d34e8aa3f57f75692e5184c4770bea78e75fd0b8342c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=6694334
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5440
expires
Sat, 18 Mar 2023 09:10:23 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F7%2F100131922116000_0_1657635781142.jpg&v=3&w=800&s=kjQvwqvGTHJxnDgMB-EyQAj-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dfdc302aa8f35966e2afb75ed50acfa8680586cf04895a1ba96c5d460c3d367c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=7042793
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8946
expires
Wed, 22 Mar 2023 09:58:02 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F3%2F100125796111000_0_1646823988951.jpg&v=3&w=800&s=uVcm9iONOp9F5MyYUnHVg_Nw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
56d9f3eb5d8bda8bda15a53737ffea7cf0ab1f0c43f22715e8a0a7a77b236111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=6347208
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3650
expires
Tue, 14 Mar 2023 08:44:56 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F11%2F100132689213000_0_1668764040157.jpg&v=3&w=800&s=2NjP5QwSAZUMyI3r9DJzRGq_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4cf5e50bb60b71d63007bf41fd098082fb9209aad4da33338cf1b89c77408483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=7115453
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7482
expires
Thu, 23 Mar 2023 06:09:02 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Ftradebyte%2F02%2Fmedia%2F2618%2F332033-633ad62a8b88e.jpg&v=3&w=800&s=j2IlnD9yNBIP2JDt5S2hHrn4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a853952135a9986c494228957e9fed91fc3f9142ea83588e2c67bc5d253b3579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=66481
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6762
expires
Sat, 31 Dec 2022 16:06:10 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F21%2F8%2F100118372113000_0_1629868105121.jpg&v=3&w=800&s=4FrjC7IlT05xJ2R9OMYrp0pG&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
c4d808228ffe856f77e8855ca493434eccd235377be6310a684b8c111f7a12ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=7109192
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1750
expires
Thu, 23 Mar 2023 04:24:40 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F9%2F100137751913000_0_1664361053659.jpg&v=3&w=800&s=GwSFvNldCHkQ0bFI8LgOv42h&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
8a2641de834e86f18cf8ecb89e8b48e67175560f111958d85f9f02e9fa105ea5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5826832
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11636
expires
Wed, 08 Mar 2023 08:12:00 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F8%2F100138267213000_0_1660056159090.jpg&v=3&w=800&s=sIgKn0IROjNJvpZEZ_sKzlQB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
84c9d5ba2ed14bb0f531200c964382af09e36182c0e4f8a780eb7c623930698d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5915328
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4728
expires
Thu, 09 Mar 2023 08:46:57 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F12%2F100137485812000_0_1670580490752.jpg&v=3&w=800&s=P5LULYa3xWtBnBeOLIWhW3n-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
369ef17b9caa93b0f4776a49da800cf191955a0362dd0b254cd52569790d5d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5962865
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5890
expires
Thu, 09 Mar 2023 21:59:13 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F11%2F100131700315000_0_1668763041288.jpg&v=3&w=800&s=1rkKsmOyZb3UceZiYHMTQR4s&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9e8043dbd1c9027be9c64becf4df031b074c1d771463d5c4dfe2886017d48c0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=7578509
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11118
expires
Tue, 28 Mar 2023 14:46:38 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F10%2F100139658716000_0_1666087111030.jpg&v=3&w=800&s=fdu5x_IP5Eg7_mWueshGwln4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e85cb7317986158017b6b403246da71023585babda1f7d239e983bdb47ebe5ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=6682402
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3488
expires
Sat, 18 Mar 2023 05:51:31 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F7%2F100133003617000_0_1656682097808.jpg&v=3&w=800&s=DCLoro1huCrVc_aTelDVtLN2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
08cfa4466b4880a0fef6eab8988adfa8dd96b5f02c34c37c6b9cb4c949c8f68c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5718798
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7706
expires
Tue, 07 Mar 2023 02:11:26 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Ftradebyte%2F02%2Fmedia%2F2549%2F167509-62ebefcdcb7e6.jpg&v=3&w=800&s=kw5Je-onr2BTqOH5yJhqxnZP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
41ea67e6a6dc723f1f4d267aeb1ea9283bb4a18190e39c1f59b78ee9a36c4184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=56533
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3852
expires
Sat, 31 Dec 2022 13:20:22 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F9%2F100133948815000_0_1664520242917.jpg&v=3&w=800&s=-pRGYIGngmgOSyePBbhOT09D&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3bb2cf7274e042eee9654714e576a659332f0dff4706c19b1f8a0a10c706613
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5665244
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17980
expires
Mon, 06 Mar 2023 11:18:52 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F11%2F100120515013000_0_1668518102769.jpg&v=3&w=800&s=l8LfvhGkcdNKSZl_YDxod1bO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
7c8770156df698ff0834eb2a43da057a95bbd23f3b48921622cd70603145d3de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5768840
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3864
expires
Tue, 07 Mar 2023 16:05:29 GMT
img
pix.eu.criteo.net/img/ Frame 500C 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F6%2F100132034317000_0_1654708232366.jpg&v=3&w=800&s=gMvAExb8ydNDlNlUR6mfubv2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d66322a343479a01affe9882990e519fef1a97fabdfdfdd3f2dd435202bbadb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5902605
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6544
expires
Thu, 09 Mar 2023 05:14:54 GMT
all
csm.eu.criteo.net/ Frame 500C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=7EzAXiUfU-nAphLjgDaqM2szra-7GaF6YL3Z9PrzSVOEGhpC79rXtqr5Ky9j-SzOoIhn4hZEBs7tqM1wgPp2Xfw_gm82TTj5x7KWPn-yKbsmO_S_FO3kVp7r7bHn8xnmWXpCyoJb2SIjcQcswHL6jt3FaHYxmFGSMG3rycl_FSUZWuvQdMEG4XhYWfCSchGbynlGkscgA05Fl3AQ9eGnpasLBfx6xiNZnhwfSlr5_ac3KGTKhAW5tHVEOdkhwJrTjdBIvQ&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 500C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:08 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 500C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:08 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8880 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65664364&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcaf27e3abe8cd84615affec01b45c70bf93ac85673f6653d3de14dedf0a2f64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
truncated
/ Frame 8E02 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
9360a37d-ffbf-474b-841e-d818677f8c71
https://www.walla.co.il/ Frame 8E02 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/9360a37d-ffbf-474b-841e-d818677f8c71
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
playlist.m3u8
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame 8E02 		732 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2da824787b226f8860272dc44169ce7ec8708e7737ed663a211c7a7ce64c426f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2
x-cache
Hit from cloudfront
content-length
732
last-modified
Mon, 14 Nov 2022 11:38:03 GMT
server
AmazonS3
etag
"77ff7239dd2ac86596114ebb9b3d04e0"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=3
accept-ranges
bytes
x-amz-cf-id
XCeGtI_cKi9rk_oUZCPBN7d5nJu6Mapu8Y03J7ZQ6Chh4OJ_VN2AOQ==
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame E76F 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
449211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 16:51:17 GMT
expires
Mon, 25 Dec 2023 16:51:17 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 8E02 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Dec 2022 21:38:08 GMT
integrator.js
adservice.google.com/adsid/ Frame 8E02 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
a7434f3d-3190-44f6-9dce-e0f0f61c4bc0
https://www.walla.co.il/ Frame 8E02 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/a7434f3d-3190-44f6-9dce-e0f0f61c4bc0
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Length
5872
Content-Type
application/javascript
b7ae8c78-d231-45c9-8b3c-5b96d0432e6d
https://www.walla.co.il/ Frame 8E02 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/b7ae8c78-d231-45c9-8b3c-5b96d0432e6d
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35dc98d4d5d230542ea1fbbef4e1632155545e01ffbe261346e0254a8620100c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
aa207277-54c7-4c6d-abb5-1205c317749c
https://www.walla.co.il/ Frame 8E02 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/aa207277-54c7-4c6d-abb5-1205c317749c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35dc98d4d5d230542ea1fbbef4e1632155545e01ffbe261346e0254a8620100c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
playlist360p.m3u8
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame 8E02 		528 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist360p.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d0cb5f46134bf184b84eaffbf879473d426be30ec3d96187982e7a1511c2416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:07 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2
x-cache
Hit from cloudfront
content-length
528
last-modified
Fri, 30 Dec 2022 21:38:03 GMT
server
AmazonS3
etag
"8975354dbbb05258ab9c38501329a9d5"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=3
accept-ranges
bytes
x-amz-cf-id
vYsiFHXmcI1Y9RLl-I2q6XKz4XxXXmCqsdzbCJGXX9Dd0ZlEW8evzg==
Pug
simage2.pubmatic.com/AdServer/ Frame 9E60
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8e4663af-5a40-4400-a6b6-b7352681f2cc&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8e4663af-5a40-4400-a6b6-b7352681f2cc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 30 Dec 2022 21:38:08 GMT
Expires
Fri, 30 Dec 2022 21:38:07 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x16 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8e4663af-5a40-4400-a6b6-b7352681f2cc&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 59F2
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629282677052548305
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629282677052548305
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629282677052548305
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 7EBE 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:07 GMT
expires
Fri, 30 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
749135
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9210
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Dec 2022 21:38:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
KYS8E13KYJ0FM5JHFWVV

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 30 Dec 2022 21:38:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
5D0VRFPXFQRNH8AX351Y
Pug
simage2.pubmatic.com/AdServer/ Frame A59C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3200286950011710416&gdpr=0&gdpr_consent=
42 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3200286950011710416&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
5a5b0ef3-9ad8-4913-a74a-241c20e07cac
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Dec 2022 21:38:08 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3200286950011710416&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
49D7B69C-5C27-4145-96D0-8B5DD56732B7
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 9D02 		0
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/49D7B69C-5C27-4145-96D0-8B5DD56732B7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debb3d9336925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:08 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8880
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sde2nFwnQUWW0Itd1Wcytw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=50369
accept-ranges
bytes
content-length
5554
expires
Sat, 31 Dec 2022 11:37:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 8880 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=49D7B69C-5C27-4145-96D0-8B5DD56732B7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
781debb418b22bf2-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 8880 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.9
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 8880
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1273600303
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=49D7B69C-5C27-4145-96D0-8B5DD56732B7
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=49D7B69C-5C27-4145-96D0-8B5DD56732B7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
via
1.1 google
last-modified
Fri, 30 Dec 2022 21:38:08 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=49D7B69C-5C27-4145-96D0-8B5DD56732B7
date
Fri, 30 Dec 2022 21:38:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 8880
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDlEN0I2OUMtNUMyNy00MTQ1LTk2RDAtOEI1REQ1NjczMkI3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8880
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFPKh6mondeefGQ4U1Qpwk4&google_cver=1
42 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFPKh6mondeefGQ4U1Qpwk4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFPKh6mondeefGQ4U1Qpwk4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8880 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 29 Dec 2022 21:38:08 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8880 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 8880
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=202859567694457704
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=202859567694457704
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=202859567694457704
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=9e1ed58db85af39284bb1780d2373f6f_1769_1672436287812&tm=2714&eT=0&widgetWidth=863&widgetHeight=401&widgetX=537&widgetY=12616&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1300&oo=true&lo=1497&odbreq=3125&odbres=3482&mvreq=3494&mvres=4794&re=4796&cet=4g&cs=5&to=1672436283826&umv=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:08 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
1c20b51ff696962bb6481e767ac00daa
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=523cd481ab2fcc08b95bc6444d1ccd10_1769_1672436287920&tm=2738&eT=0&widgetWidth=863&widgetHeight=283&widgetX=537&widgetY=13042&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1300&oo=true&lo=1497&odbreq=3125&odbres=3482&mvreq=3494&mvres=4794&re=4820&cet=4g&cs=5&to=1672436283826&umv=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:08 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
5716d55ff93928d096581b1c3f0df615
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=e310f144cd50f1f3bfb35660096a2f5d_1769_1672436288131&tm=2739&eT=0&widgetWidth=863&widgetHeight=283&widgetX=537&widgetY=13348&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1300&oo=true&lo=1497&odbreq=3125&odbres=3482&mvreq=3494&mvres=4794&re=4821&cet=4g&cs=5&to=1672436283826&umv=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:08 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
c94213671916cf7fdfb75443aab8011c
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=e53c646335d52bd62ed8058b30eaea31_1769_1672436288281&tm=2740&eT=0&widgetWidth=863&widgetHeight=260&widgetX=537&widgetY=13655&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1300&oo=true&lo=1497&odbreq=3125&odbres=3482&mvreq=3494&mvres=4794&re=4821&cet=4g&cs=5&to=1672436283826&umv=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:08 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
9a7f55f199cf0c0448a9e5721b42ca12
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=c242e0f370a4c3b17e92a45e8ca0e9ec_1769_1672436288467&tm=2740&eT=0&widgetWidth=863&widgetHeight=283&widgetX=537&widgetY=13940&wRV=20109&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1300&oo=true&lo=1497&odbreq=3125&odbres=3482&mvreq=3494&mvres=4794&re=4822&cet=4g&cs=5&to=1672436283826&umv=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 21:38:08 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
b9b83f7b85429d00d5db58850a7ecd87
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
mv.outbrain.com/Multivac/api/ 		88 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=20109&apv=true&sig=693oGBqf&format=html&rand=6194&em=1&osLang=en-US&umv=0&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZDgzYTBiNzJjMmIyNzAyNDQ4MjEwMTExYjIyZjhmNGM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=4&lastIdx=10&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/20109/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc2a4914a39f112d7a1ce52344cbbedde56f5b85f326f8c884d0d682e38fa2cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1672436289.661346,VS0,VE785
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21957-LGA, cache-vie6356-VIE
x-traceid
f8d05ae587bb33ef56a9c9c990e0b680
accept-ranges
bytes
content-length
22045
expires
Thu, 01 Jan 1970 00:00:00 GMT
1
sync-eu.connectad.io/syncer/ Frame D6A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
781debb45b1c2c02-FRA
date
Fri, 30 Dec 2022 21:38:08 GMT
server
cloudflare
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 30 Dec 2022 21:38:09 GMT
server
Google Frontend
x-cloud-trace-context
47f72e1cc20de0cb77ef60fa17f0c1e0
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
x-request-id
dff6b1f2-1537-40f4-a96d-db3463837bd4
x-vad-version
0.9.13

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
bd40b51dd4b993e86746456ec2ee430f
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		156 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=436112790262561&correlator=3038009768857431&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2273020712%2C1194681899%2C1073900268%2C2033830820&didk=1193245113~1193245115~1193245114~1193245117&sfv=1-0-40&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.12%26vad_adid%3D874926d2576511e%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.08%26vad_adid%3D89333eadbc5a7a8%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D9045c2e41f523e2&eri=1&cust_params=permutive%3D&sc=1&cookie=ID%3D0176f1992b1f8560%3AT%3D1672436287%3AS%3DALNI_MZZbRm9OcBXKB6atLfJb6N-nL9O7w&gpic=UID%3D00000b9af692e851%3AT%3D1672436287%3ART%3D1672436287%3AS%3DALNI_MbdjbA2ZTvbdMJCmIqQjFEj-GKGVQ&abxe=1&dt=1672436288706&lmt=1672436288&dlt=1672436284301&idt=703&adxs=1480%2C200%2C200%2C200&adys=550%2C1961%2C1981%2C2001&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C16%7C17%7C18&ucis=h%7Ci%7Cj%7Ck&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tv50TyTFs3nXai2zKYXd-tOHGccFFVnw17YxPCDnchthirDkolstUdBSKgJX88GjIJkccsRtirdgOokN-b4J4zHM1r3aFo%2CACgb8tvMWKAAcAxYDGQsq_MV4GGIObJv9jkMK4ORaUeAsbrRDC-3EdmEz-danf5i8RHkPbkqmsQyrkhNUrWz9mwn36a5dZYq77Q%2CACgb8ttAkQtCkE2EZIYaTAgXN7QoKzm2OQv3OApKG1oCmD88FE9fCca0lNTZ_0BsZ_vRyLKp1WY_RRaTrGaP0sx2Itl4GoojiF8%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8ttZDj1Esbus4jCXjJLHXW9ejBmpRctNmfMRt1_Xq1zLXnMy6mc_OQeE8-gIQC0iVv6jq38-Pv-zS54Zudt2_hQpn2RN-i4%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1852875319.1672436285&ga_sid=1672436287&ga_hid=61718290&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92741173158254e3a07b613eed6a4be3a4dcd80c5a917e8b73b1e5c3af7c7c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29583
x-xss-protection
0
google-lineitem-id
6052067955,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138396977314,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 500C 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1df-32ec"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:08 GMT
sourcesanspro-700-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 500C 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e1-327c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:08 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E76F 		475 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.549.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=3763514115&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F2116d26d-e28d-4327-ab6f-05eb2ec049eb&sid=0ECF9629-96BD-4E3E-BCF9-27458C44162A&nel=0&eid=44748969%2C44765701&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Famg01742-walla-wallanews-ono-2eohr.amagi.tv%252Fplaylist.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F&dlt=1672436285929&idt=2664&dt=1672436288805&cookie=ID%3D0176f1992b1f8560%3AT%3D1672436287%3AS%3DALNI_MZZbRm9OcBXKB6atLfJb6N-nL9O7w&gpic=UID%3D00000b9af692e851%3AT%3D1672436287%3ART%3D1672436287%3AS%3DALNI_MbdjbA2ZTvbdMJCmIqQjFEj-GKGVQ&correlator=345400620696963&scor=46063345753730&ged=ve4_td3_tt0_pd3_la3000_er3081.790.3081.790_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c304344eff955b3da1e3ab3ffc88dea0fe128903e53895978136eb4f431abfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BBD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIip8KXxSJAx_yx4jtPO2JKAZWRdQjqCZrI18MC80OI_-fWwnziZ4ILJ8pRUNHIoy2FSxVXn06TQ2AP9zQsLn1mnI&sig=Cg0ArKJSzDEO5eAYOjM1EAE&cid=CAASF-RoFdyZckxinEDIzgwJ7vgcjGM0V2uU&id=lidar2&mcvt=1000&p=20,315,370,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339185&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672436287641&rpt=568&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 732A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUullQ9SqTXef03ykeDTkUSuPOAek-g98umq_bDjRPxiEzsFob945J6ZppARt2mHgmmCiFOwXlyhMg0eO2FtrtXSfcn4upIS2o4yC8Sw00EAL_IujifxW8YvEK3CzJwM1cjd9dqwEiMmdimTHkJKYkqGS3C2OuGyeCudI_oJyYNZjGN_ToMeL-r4pQlnafCo1bb1r7hjqG5VNWTV_2nde4NzrnNaqs8pBe59mipe8jdcaesTCtczNjdKL26QG2cwbV5VzOhn-EkWxe9hBWKHIZe1QjojGZsI_sYf874l6fHYJJ5wgQU3aEgDz-ATLJaROXIsVANjFQ9giuXB1sohOq4guMYibcWg&sai=AMfl-YQmNV8rHvsWXaxrsK3s6irr8ldmpajst1yItf18vC4UgCZwkKyjDjyJICnUl4-I74MjGXd1b88PsUQt6ZlNmtlTdRQYsSqPSZXbCE3KH3vqjPfXPlJrSgH7VWfB3h8o&sig=Cg0ArKJSzDaXNKmdYBJ-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lib.single.wtg.min.js
lib.wtg-ads.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.wtg-ads.com/lib.single.wtg.min.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65a91f782149be43f647e511bd59ec877df7ca0a4faef07a07742c0f4c615b0d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
589794
last-modified
Tue, 27 Sep 2022 11:14:06 GMT
server
cloudflare
etag
W/"6332dafe-a0cb"
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I1CvobB2QDzw55wGiisFr5eG8VpuB8YMpEWaWZc9%2FRc%2FEqzvDAmtr8kgKiztQRmIxvnCvjTjhv3Z3rPJccYX7t376Gsg15rJDNN7hl727t8fWg0VlTlZgNQWppgVonYcjy%2FmcszLcA6nV4jxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=10800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
781debb838af917d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 24 Dec 2022 04:48:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 732A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 21:38:09 GMT
container.html
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A4B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:07 GMT
expires
Sat, 30 Dec 2023 21:38:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame A26F 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A26F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A26F 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:06 GMT
age
172923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:06 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A26F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A26F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
css
fonts.googleapis.com/ Frame A26F 		6 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 21:03:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Dec 2022 21:38:09 GMT
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A26F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 18:59:43 GMT
x-content-type-options
nosniff
server
cafe
age
9506
etag
415739381108731362
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2712
x-xss-protection
0
expires
Sat, 31 Dec 2022 18:59:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A26F 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:36:06 GMT
x-content-type-options
nosniff
server
cafe
age
123
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 31 Dec 2022 21:36:06 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 168B 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 168B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 168B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:06 GMT
age
172923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:06 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 168B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 168B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
css
fonts.googleapis.com/ Frame 168B 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 21:12:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Dec 2022 21:38:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 168B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:36:06 GMT
x-content-type-options
nosniff
server
cafe
age
123
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 31 Dec 2022 21:36:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A26F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck2viQFqvY-riL8e_9u8PguSXsA6bnI_7bYTp8_DTEOGQuozxChABINGTwypglZKWgqgHoAG5-p_UA8gBBqkCzq7JzoZOoj7gAgCoAwHIAwqqBPMBT9ByNZSzzd9322aPZcappQUALVnxl5sIZw2O8ypke4ZQ0g4wRpXkwMyVX9NLd5qLAWDTwu1XeUscMQspTZ-T9nFTjsJHydJ4fuQS9qtq0U3p3ZtkNqb-BmxFeDK03yx1sJZYvbUjG86LfsQHkxUqHHdmuRDcF5gFkDPD1GBqKu4mhRO6som_HPpGnHTjtDf1APYvZ5ylKdxo4gkfhbgOncQFNyowa3fIO8wA3-SOwOu-QSzZXqF_AmsU7jfoXVF9i-IMY0d1Z8f_4yRNKO5xU_KQjgZFl6Zqn9ihW3ltJdIbMBwrvWH_BmiesI_oQ_cRWZgvwASwo-GP8gPgBAGSBQQIBBgBkgUECAUYBKAGN4AHr4XgK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEI38GdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=UyRlmVf8nbo&uach_m=[UACH]&cid=CAQSOwDq26N925I8xMnUL4VFwRx1TUprLefuDwAuu8yUG_w4TJWgP1LhmmMAx1fR_hfHEIKX_nBgjr7p6sVIGAEgEw&template_id=492
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame A26F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwdl5v_J41d9NP27u6u--4gaFdLR2Z4Hic2zv6NTW3EMmQ5mgknntmTiU30X4B3CuQhoCJ9CXFe2Olo_CblqdtUDC2tg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
iw_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 168B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw_bl.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc6db8a2f5871b00429dc989456c364f786fa6687f37fbd59c1621321fbae4c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:19:57 GMT
x-content-type-options
nosniff
server
cafe
age
19092
etag
6020857982674612102
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2706
x-xss-protection
0
expires
Sat, 31 Dec 2022 16:19:57 GMT
l
www.google.com/ads/measurement/ Frame 168B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDC8_GnTtO4ysXG9mhuEL5BC6wx6Kikzch92uewf3-PeYSEs4AEwZ093ogbzkKHzLakS09zDVb8vxNYSJiHEuti7vDRA
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 168B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGYA1QFqvY-viL8e_9u8PguSXsA6bnI_7bdvGus2cEMyP2IHwBRABINGTwypglZKWgqgHoAG5-p_UA8gBBqkCzq7JzoZOoj7gAgCoAwGqBPYBT9BDYUuL8lZMgPomtJVQYo-Vye_sk3wirdIcFXhT5sfi42z9JoepFe2LVfS9O-7MFiMGBWtcPPVKw9cj_6K_Fvi7RLwseTl78tM50v3H_W9yHoGWRqJ2n8f9xTwv68C9WvlehGpxumYqZM13JRwJ8dHloaiJX8sdy6iLvr87uiw__s09GTStFr43JOYFIeYHqZHo3XgD3BJFhdyGCvVGn5dVjbLgB4F_hWZZFVliy7MC1SMW0i4ge34wEY-ypmc7NckWXPc8CNExlHZa9Xp-XPLVB7iQvfU4V07YWxvvPabIfjzlM_c-hp5Ai0Sr_59ViNsGu0nrwASwo-GP8gPgBAGSBQQIBBgBkgUECAUYBIAHr4XgK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENmSCdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=OuwZ6d1ulBU&uach_m=[UACH]&cid=CAQSOwDq26N925I8xMnUL4VFwRx1TUprLefuDwAuu8yUG_w4TJWgP1LhmmMAx1fR_hfHEIKX_nBgjr7p6sVIGAEgEw&template_id=5028
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
truncated
/ Frame A26F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9da4e0b6e972737986023f23ca71cdc9ba6b296d12bcac8a9bcf2959f8094ea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 168B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 168B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e53b8405de5c1f4ab50df7ff8fb0878b26ef7ef3930a07f8e84769c70bdf86b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=61718290&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1852875319.1672436285&tid=UA-4780630-1&_gid=1693097556.1672436285&gtm=2wgbu0T728TH&cd1=1852875319.1672436285&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=1331170619
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68138
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0A4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CS9n8QFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT6AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8ksai9ULvU3kV6i6DgJuhJeGQGXVtMWr0kS5IgIb7HfTByhh4kLTjgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=3N87JgY6vlg&uach_m=[UACH]&cid=CAQSOwDq26N925I8xMnUL4VFwRx1TUprLefuDwAuu8yUG_w4TJWgP1LhmmMAx1fR_hfHEIKX_nBgjr7p6sVIGAEgEw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 0A4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k7KVELr5RKwCkAOdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQP1qvY2yIgXLX6HJ29B9FABIAAA&wp=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
287638
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 33D9 		141 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
36bb2a0e62a2efd2aba9086c3a1a8f30adc0f1f0698aa965b3fb1f01df8d710e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:08 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=NOgb1CUfU-nAphLjXyjKTVz0-8rktmwhFpR8-i2B8yxqQq7XAPjVRj12L4fH3zFhwcs5zh_ZUflE1ttHUEL-62wDYT6IJWNa7NSlu6n02-djvuKH4k6QsRIHk_cAy6X4HuO96Lhsbuu8EF83l58xKx-s8eq91dipcLwbewa5KKznaBBSOU5wbDaITj-9url6VG7V1f_iiPk6ZmdiAhcGuE77GvzfdEfvVAna6cXfs-80Hi9AnEcO6ZcE0kPjuvFYd2dEiQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
64067008
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0A4B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 21:35:44 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6114 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51006
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Sat, 31 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0A4B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:35:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 21:35:43 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0A4B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
172954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Dec 2023 21:35:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0A4B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 21:38:09 GMT
standard.publisher.config.min.js
lib.wtg-ads.com/publisher/www.walla.co.il/ 		42 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.wtg-ads.com/publisher/www.walla.co.il/standard.publisher.config.min.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.single.wtg.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c39e471862a462f063ad13a27d59efd62c405bf5d3a31a6a619423626a05d6d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
503451
last-modified
Wed, 14 Dec 2022 14:35:34 GMT
server
cloudflare
etag
W/"6399df36-a714"
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BZI8nF%2FyPKyGmAQySEhshNX%2F0COecc2GBnCYLuju%2BMvxNf%2FVoSDXTo339rDcC2QxMbzgYbV7LVUy0epPWbwWpDL3oI0o85JOIkHcwCd7uWypY4xwp%2FrWKn%2Bv8ayp7aqxRHS%2FHrjGxsG%2Fp9a6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=10800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
781debb8a977917d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sun, 25 Dec 2022 04:47:18 GMT
all
csm.eu.criteo.net/ Frame 500C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=7EzAXiUfU-nAphLjgDaqM2szra-7GaF6YL3Z9PrzSVOEGhpC79rXtqr5Ky9j-SzOoIhn4hZEBs7tqM1wgPp2Xfw_gm82TTj5x7KWPn-yKbsmO_S_FO3kVp7r7bHn8xnmWXpCyoJb2SIjcQcswHL6jt3FaHYxmFGSMG3rycl_FSUZWuvQdMEG4XhYWfCSchGbynlGkscgA05Fl3AQ9eGnpasLBfx6xiNZnhwfSlr5_ac3KGTKhAW5tHVEOdkhwJrTjdBIvQ&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aPwAC8qMH_YfhAAhWwJI2JmUqiebfbYnHoQ&u=%7C9n1Df%2BwpZPuZsZBWJlZBSBe1bCAq6SWr3J4xYHESGbk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSgsfvmzq0F4MI5wKnissuvTaXzA6nSxMC7OcFarP1Nh34MDU57iMr02lAo_TdVtJPbMkhbSZJnvxI9ctICFF43X8aBVfBSA9d1QNtvuGv76BITLaPRnxLpSsRJNv9zscy5OCoRFGMAh6ivmGkr5nskd7ZTKUiE6yaIiIC6gRoihspod05MoUSOYSU-SaueY8E_C43uYKHdID4D3qfWXaAb4YIvr_AdrSwbxVW8S8OUsZsBJryjtPTFcaqOPIr2LWdwHIN54OrohT9uVjl8zH-F4o9XB9-tiMqiuso3GS-s4dnChsEKRCBw3IFZmnvrDb09zejn-bmy5JXCMIsLqiM849fFkI9e3ghKVwpoh6yyhACMyk2eXILfx885j24q-oyMvG0SsA1wbNOEg2W2Kv5JIwzdklNEpQlVa91greh_C23RihkfgWlVdISWLEwNWe8Q-xNMEGVWyy4AVdzNBAsk-P6ibzQzl2xGJ6aMPHvzZ9nyeV3N88K40FvXBmqII96eg8BsqUkLm3rLYnp8coiWXSEOPROA-jN_naFxZV3hNClG1-xcKu-w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9iXYP1qvY6PlC-GP9u8PwK2hmALJntKxXPWdmPdwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT0AU_QT0zFoh63NRTDUa9N6GN1yIJ1ky_-isPLf3imQc2PenjXAVZW1P87S5hGvEMbf0OwXzqn3t8pmckb3geEOH9iYQZC8IdAXX5K3zZe3c6o4K8UzEJGPAh_9fHxvXQtlhiVJoY7khllgkUHfznoPsEiEsSB1TX9DCSV9TFoxyWvchdF_gTsxdPWUvC6idY7t-cC7wTrnXLyhixN36if_O1VoaaoAqZnoX0nVADowB3P6MufWCoWbwKcvxBhzOZR6CgTNfQfMFUThSnraLeEWHkrXiqcAMwx0HOmOgw8dNYJylKmT5raamEidAwvYBJ5_SWUkHbgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Wxl_FoHl88y6C0ZAzhDLl0oEJrw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
i.match
s.tribalfusion.com/z/ Frame 6114
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAuDR7vymaobj4gGsgPqe8s&google_cver=1&google_push=AavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQh&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAuDR7vymaobj4gGsgPqe8s&google_cver=1&google_push=AavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQ...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAuDR7vymaobj4gGsgPqe8s&google_cver=1&google_push=AavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQh&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQh%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:10 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
781debbd7b558fef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2785
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAuDR7vymaobj4gGsgPqe8s&google_cver=1&google_push=AavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQh&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Pz0VJVoOBXvu2DNTbPu8gxbqGu3Hv_E8MNmTF76OhuZY8krrBovuwHTtn-KqZKyNbM63mHAH0CNTMxYyJALG9S4qGWKqQh%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
781debbabf318fef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6114
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN99smnlqI6dBaYzCARkzJM&google_cver=1&google_push=AavPq0NNuSCYTDnMiAOpTbx9596YPERjPE23ANsQA0rBY5Wc_eGpf3xmGXiAd6-McWEG75x1FT-_6O_pZZJ8As...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MzA1OTE2MTYxMzkyNDUwNA%3D%3D&google_push=AavPq0NNuSCYTDnMiAOpTbx9596YPERjPE23ANsQA0rBY5Wc_eGpf3xmGXiAd6-McWEG75x1FT-_6O_pZZJ8AsxB-h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MzA1OTE2MTYxMzkyNDUwNA%3D%3D&google_push=AavPq0NNuSCYTDnMiAOpTbx9596YPERjPE23ANsQA0rBY5Wc_eGpf3xmGXiAd6-McWEG75x1FT-_6O_pZZJ8AsxB-hQNB7N1lpXV
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MzA1OTE2MTYxMzkyNDUwNA%3D%3D&google_push=AavPq0NNuSCYTDnMiAOpTbx9596YPERjPE23ANsQA0rBY5Wc_eGpf3xmGXiAd6-McWEG75x1FT-_6O_pZZJ8AsxB-hQNB7N1lpXV
Date
Fri, 30 Dec 2022 21:38:09 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 6114
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEQ8hAqzMhOf7p1B3LKhP1I&google_cver=1&google_push=AavPq0Pf_t0BfHPx4Qo_2ZW6KD32Rjn7OBJfKDAmWoTYVk28-H1cm_cGc-xN9cCmlCTcX_PqAHIzeJnJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAyODU5NTY3Njk0NDU3NzA0&google_push=AavPq0Pf_t0BfHPx4Qo_2ZW6KD32Rjn7OBJfKDAmWoTYVk28-H1cm_cGc-xN9cCmlCTcX_PqAHIzeJnJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAyODU5NTY3Njk0NDU3NzA0&google_push=AavPq0Pf_t0BfHPx4Qo_2ZW6KD32Rjn7OBJfKDAmWoTYVk28-H1cm_cGc-xN9cCmlCTcX_PqAHIzeJnJYDt3y1K60FLOMmXiERh0
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAyODU5NTY3Njk0NDU3NzA0&google_push=AavPq0Pf_t0BfHPx4Qo_2ZW6KD32Rjn7OBJfKDAmWoTYVk28-H1cm_cGc-xN9cCmlCTcX_PqAHIzeJnJYDt3y1K60FLOMmXiERh0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6114
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_hm=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&google_nid=index&google_push=AavPq0NAh4AlMNaPqxB0RETJ0uNLO3QQqttov...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_hm=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&google_nid=index&google_push=AavPq0NAh4AlMNaPqxB0RETJ0uNLO3QQqttov58tCdFZrasLdjZl3BW6Xc-K8420KjavzT-y4S3PwZiHmL6a2UOCB7RqtHG7qpI
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZxFNpugSWcsJoaVOLGWTjDh%2BZctO7GeRZMByZdCiEo%2Fk6ViGJwph77DDEU67zF40FL08QBJHHsZmWD%2FJjV6oW8JYmQdgmzUN5cISJrDwuPcF%2BJuHrX8z%2FA4SVJfc%2Fqg0JWxNmoqTOXnYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_hm=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&google_nid=index&google_push=AavPq0NAh4AlMNaPqxB0RETJ0uNLO3QQqttov58tCdFZrasLdjZl3BW6Xc-K8420KjavzT-y4S3PwZiHmL6a2UOCB7RqtHG7qpI
cache-control
no-cache
cf-ray
781debba0e9192b9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6114
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEP1pOtaixeRpBDF5yqZoZhI&google_cver=1&google_push=AavPq0MfluHNpEBt5b-TTEH_YbhSujWY6uTunL7bYyymYHfNSEa2UjAEZgqh_Y0WnrhvWHxy0V0IfBbadATGeHObvuzyza...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jsDyScuRTbmR4qEvYvRbFg&google_push=AavPq0MfluHNpEBt5b-TTEH_YbhSujWY6uTunL7bYyymYHfNSEa2UjAEZgqh_Y0WnrhvWHxy0V0IfBbadATGeHO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jsDyScuRTbmR4qEvYvRbFg&google_push=AavPq0MfluHNpEBt5b-TTEH_YbhSujWY6uTunL7bYyymYHfNSEa2UjAEZgqh_Y0WnrhvWHxy0V0IfBbadATGeHObvuzyzaLIMSNC
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jsDyScuRTbmR4qEvYvRbFg&google_push=AavPq0MfluHNpEBt5b-TTEH_YbhSujWY6uTunL7bYyymYHfNSEa2UjAEZgqh_Y0WnrhvWHxy0V0IfBbadATGeHObvuzyzaLIMSNC
access-control-allow-origin
*
date
Fri, 30 Dec 2022 21:38:09 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 6114
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0M6pgbvcsCwai1MkNAGuItUvYjPvueBG-TVlVjDptbeaV8HYpDZmXM2zPoxXrS1tW12TEgSlG7gCIRXAA1i0g8_8aNiKe1r&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-590e55ef-10ee-4f2e-838d-6a7dee6107cc-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0M6pgbvcsCwai1MkNAGu...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0M6pgbvcsCwai1MkNAGuItUvYjPvueBG-TVlVjDptbeaV8HYpDZmXM2zPoxXrS1tW12TEgSlG7gCIRXAA1i0g8_8aNiKe1r&google_hm=A1kOVe8Q7k8ug41qfe5hB8w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0M6pgbvcsCwai1MkNAGuItUvYjPvueBG-TVlVjDptbeaV8HYpDZmXM2zPoxXrS1tW12TEgSlG7gCIRXAA1i0g8_8aNiKe1r&google_hm=A1kOVe8Q7k8ug41qfe5hB8w
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0M6pgbvcsCwai1MkNAGuItUvYjPvueBG-TVlVjDptbeaV8HYpDZmXM2zPoxXrS1tW12TEgSlG7gCIRXAA1i0g8_8aNiKe1r&google_hm=A1kOVe8Q7k8ug41qfe5hB8w
date
Fri, 30 Dec 2022 21:38:09 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX590e55ef10ee4f2e838d6a7dee6107cc003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 6114 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEbBp_Ad55dLsu__qYH-eok&google_cver=1&google_push=AavPq0N2IUZCzjqZUe43RRQKNMEsHFvNvrAqscL4KfQjlcDK48mHkGDQTxKG1YbhqkH3brJNaNeKw03SYoYHOprITIkmxY720NA
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6114 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lx0oKbJ5Ao-haKImO6K6OgBVfYLEfGfFOA6TKHTshSRGthj7-2j5qM-9UBoTP5M_GnK4hD
Requested by
Host: c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 732A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2T1zFdXkj1Vs6Hil0u7N6lCJlpzMwJOv87wUQNz6nXouIHStDFr1xmr7uP5qudAcUYn8TWU-maaAsJTto_Ky_c--LuXccUfH4wV-nh-ur6sMbSU4rpHzhtCwZ_m3dMoIpxIur77-G9tc1dKtIuijMYqYSqgys9URXlY_BZUgX5U-q922vWmOsbRE7i5HOd4eQDBOeukXrPsbJZi-PS5MvcKbsooz_zFx_ovn3y5EEbc8OSduniqt2GL-q1DFcnt1cLf4gki2XqVmb0SOvC3ldxTh6We32bkH6cuJK8cQy5oLBoRRWw8viK05E1BDuuolG0mubHyhkuqNTjBybgBqS2t-NzAqnBN3L&sai=AMfl-YQeY-KzHaqdmNWPkA8LTZPaen6_1gWDv8rz84A0KoyyiMDWuoH27wqxEGuKFHAvfUnu720FOodxdfsXU8bAovLjYoLK3IwlrwwzbMx8DYzEDFJdAAUE2uezgcjG4OQ0&sig=Cg0ArKJSzIK4bu3L6FIDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 30 Dec 2022 21:38:09 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221230
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.single.wtg.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2748364a1e1b0431dc18922af57c9e8c517869f522aff14de893b7fcc8328ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 21:38:09 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
20242
x-jsd-version
1.0.1572
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
926
x-served-by
cache-fra-eddf8230021-FRA, cache-hhn-etou8220051-HHN
x-jsd-version-type
version
etag
W/"66b-bfk4lOFUJbbjbBtsrLjlmYp0ljE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
privacy_small.svg
static.criteo.net/flash/icon/ Frame 33D9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:09 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 33D9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 33D9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Dec 2023 21:38:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 33D9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Dec 2023 21:38:09 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 33D9 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iBlLu2Wdd-aiho5unzzSitl4fPFJcm9GQKOZyQ0IfkH_ufg9-rhzwduNkHXDr4uuHc2-ZwaF57fmYm-QHQoWvPsyAoNvEesinsFWwTDiiQLDKP1yFTgRGo7Fn06bZFGmRNHqc0KgHB6i6azcxIUsyIOH5FfubRABLpS8WTpbdQVNnqUZDgeMCzHHjkuJlysbPy7HVoD8ZqzBrIl5Btm-lG4rgwW1ZdSUIcy4-vvcA4y1M6eDG54st9v_uZPc--Vk5fNQYf27t8qiWIPwDYGBtHrAFEbkBW7_8r_sYZ5mc-E4bpwfmhuthZl6T9ZTXv0IzlNst9forJePkAqSvr5JF_SAoWXj_O5DMgmUtV6x_qinrCI30EFA2sidhskGR2ZRrQPhGYZ9sjC4m7BLnMHfuDo2OV92f8VY7baRPyJCa-dVX2f6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3451095
expires
Mon, 26 Jul 1997 05:00:00 GMT
ai.aspx
m.exactag.com/ Frame 33D9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=63af5a40dadd46ded9ebc23459ff87fe
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 30 Dec 2022 21:38:09 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Fr, 30 Dez 2022 09:38:09 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.eu.criteo.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1051
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 33D9 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3122:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
777653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvwanCVuPJ1dFyc969MERfn33DhOnddCJcWtfbRPq026qNj1uXf2zvybQkrldwxbAl8p2MSujcDQ9cOcwlUVAda3XRpQgfLyJNGASSw%2FQ3pigtyw2%2FJc6%2BIeKJclIO6jJfIjsxvGDQeedQCqtZERbCOg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
781debb9eacf9186-FRA
expires
Wed, 20 Dec 2023 21:38:09 GMT
animejs.js
static.criteo.net/animejs/ Frame 33D9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:09 GMT
img
pix.eu.criteo.net/img/ Frame 33D9 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=596&s=9hCu24Jp9VafUxXM_ppqGggd
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9d3b426eab31bb93387e03383277a793a0347d1ff89a3a558479f674dc811e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30779255
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19739
expires
Fri, 22 Dec 2023 03:25:44 GMT
img
pix.eu.criteo.net/img/ Frame 33D9 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F6%2F100132034317000_0_1654708232366.jpg&v=3&w=400&s=LsRGzoeyiB5twloenx8v5WKw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d66322a343479a01affe9882990e519fef1a97fabdfdfdd3f2dd435202bbadb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5902604
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6544
expires
Thu, 09 Mar 2023 05:14:54 GMT
img
pix.eu.criteo.net/img/ Frame 33D9 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F12%2F100137485812000_0_1670580490752.jpg&v=3&w=400&s=60flmZb5Y2qO7G6q3MMuSQCj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
369ef17b9caa93b0f4776a49da800cf191955a0362dd0b254cd52569790d5d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=5962864
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5890
expires
Thu, 09 Mar 2023 21:59:13 GMT
all
csm.eu.criteo.net/ Frame 33D9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=NOgb1CUfU-nAphLjXyjKTVz0-8rktmwhFpR8-i2B8yxqQq7XAPjVRj12L4fH3zFhwcs5zh_ZUflE1ttHUEL-62wDYT6IJWNa7NSlu6n02-djvuKH4k6QsRIHk_cAy6X4HuO96Lhsbuu8EF83l58xKx-s8eq91dipcLwbewa5KKznaBBSOU5wbDaITj-9url6VG7V1f_iiPk6ZmdiAhcGuE77GvzfdEfvVAna6cXfs-80Hi9AnEcO6ZcE0kPjuvFYd2dEiQ&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 21:38:08 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 33D9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:09 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 33D9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:38:09 GMT
truncated
/ Frame 0A4B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42f8e7092564a4074f8b5bd68b59c30f2f1817a7a8ed69b12f124f1adc3df893

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 33D9 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 21:32:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Dec 2022 21:38:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A26F 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 19:34:12 GMT
x-content-type-options
nosniff
age
180237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 19:34:12 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A26F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 19:33:00 GMT
x-content-type-options
nosniff
age
180309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 19:33:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 168B 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 18:50:55 GMT
x-content-type-options
nosniff
age
355634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 18:50:55 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 33D9 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 21:55:38 GMT
x-content-type-options
nosniff
age
85351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 21:55:38 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 33D9 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 08:59:22 GMT
x-content-type-options
nosniff
age
304727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 08:59:22 GMT
wtg_prebid_6.12.1.js
lib.wtg-ads.com/prebid/ 		426 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.single.wtg.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174e5da2bf96133b8ccb4cdf6bd07442285168f7a053825041903171586250ab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
582585
last-modified
Tue, 27 Sep 2022 10:12:45 GMT
server
cloudflare
etag
W/"6332cc9d-6a9fd"
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MKCtvV5p%2Fb7ja8M02zG0o7aykasQcB54z4DexlIcHHAH%2BjmTGhQrf8E%2BtdU%2F3q6x1kqGNFmAOsZwe6d60wNMfvOISXkMQx4zTQkJ37dRYxqu0f7H%2BKoYd4Gsh72YXABAZ3OAPsjmJpNcMa2SA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=10800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
781debbc787a917d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 24 Dec 2022 06:48:25 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 21:38:10 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221230
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2748364a1e1b0431dc18922af57c9e8c517869f522aff14de893b7fcc8328ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 21:38:10 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
20243
x-jsd-version
1.0.1572
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
926
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
etag
W/"66b-bfk4lOFUJbbjbBtsrLjlmYp0ljE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 21:38:10 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
536818
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3MFP2q1EmB5Ra3%2FrhAXlEPeAwPIw3cZN4sm2AMUnVom11tQns4PYO%2FoMogXJ%2B6e3IBQfI%2Bjw5j%2BJnDRotHdZ9Q3GI3s6VuBHPdyG3VVpLDnl7bV3ISlOQzh3i6GLEc5tJZAYZFlfzEmbCWG"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
781debbd2bbf9225-FRA
802.json
id5-sync.com/g/v2/ 		215 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/802.json
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
16b5208af87f4adea7ed400cc1061bbe49a8a2a8dcb1632cf8ce126aad1de3b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 21:38:10 GMT
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 21:38:10 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NB9RMWYS9P8BJMQ5
Age
647350
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
2Ndtz8v11YNi+qJthU2d1au/D384dCV5yBDmpljGUGtv09ot2GGgx+KNqDHBDlfwiRrE4Y4jvH8=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWmFPbhsO4Y0jhOHNP9ak%2BcLgG82JcX%2FF5R7P55EpVUs%2FZn0SQqo7bCzjmy68CZoAudyun8qiUj4RVURVaIafkVDNDSRoxPkY1xV31h3NNXTntP2WQfBbAqcqKRw2FXqBYkSME9AI2WJcffM"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
781debbd5f079bbf-FRA
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Fri, 30 Dec 2022 21:38:10 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 30 Dec 2022 21:38:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
waytogrow-d.openx.net/w/1.0/ 		278 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://waytogrow-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4673897b-c54f-47ef-8216-889d173e5b61&nocache=1672436290168&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&schain=1.0%2C1!waytogrow.eu%2C4522715%2C1%2C%2C%2C&aus=120x600%2C120x400&divids=%252F26225854%252C43010785%252Fwalla%252Fwalla.co.il%252F120x600_1&aucs=&auid=557565155
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c2a21cbcdb472e8535f6ea7584e83e04d5dd35a34491fe320e5188d883b4ac71

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
85e99c984ea3938bcecf08a25690aec3913aa070a8f3e858a96d6e15f4bf63a8

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
27d5ee54e058e0bd04114f7acec7552d8c6dc7e500900562c4fa44ca32b1ad34
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:10 GMT
AN-X-Request-Uuid
6bbd26db-aada-4f68-a9a9-5ceaf45358dd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=844785&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229900ed85317224%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221018bf5f08ec3c1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22844785%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22844785%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22844785%22%2C%22sid%22%3A%22120x400%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22waytogrow.eu%22%2C%22sid%22%3A%224522715%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%7D
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41a2e7f274565a710dc4549d45d9eabc1630b13ba312d493f3e1f6eee25ed6ce

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfwUJkhjw5HW7MG9vw%2FwMaiUhSD1UNMnODSrMI%2Bh1NDWN07Ya9d8b8cjsaFbkQB3vR3WO1NI%2FAJJ48e9rKNpU8DmJOG%2BFWoD4j80e49U9GUSjdjEBh%2FKRx0n7D8QL9lIAJ1SG7Re"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
781debbdadd62bfc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 30 Dec 2022 21:38:10 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ 		0
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ 		204 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=6.12.0&cb=17223404916
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
caa9a0dfa37b1f8d2372bf15a9e3de16c2dfbc5b89f42db4ba2712fae73b6d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
187
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17862&site_id=430042&zone_id=2458960&size_id=8&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&rp_schain=1.0,1!waytogrow.eu,4522715,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tk_flint=pbjsWtg_lite_v6.12.0&x_source.tid=4673897b-c54f-47ef-8216-889d173e5b61&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17398502271144167
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
55358b1fad8a69e954b3a26c9ebc58bc50aa13175f3a2736db6c9c72197cdcf2

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		94 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/wtg_prebid_6.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
15e2b73c170377a7a93b8f95a3e06583759c7839db1a1b0a66b418ad0652452b

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Dec 2022 21:38:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22bc75bd8c902bcdd779c2de79e84c37ced071cb5a388c56267a4aebd282448e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11304
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 8B47 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:09 GMT
server
Kestrel
server-processing-duration-in-ticks
733941
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
events
bidder.criteo.com/csm/ 		0
216 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 21:38:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60FB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
173343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Dec 2022 21:29:07 GMT
expires
Thu, 28 Dec 2023 21:29:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9753 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2f1e810edb0b4bd3a5081e1079b1c25a46f917125caaecdd2e047e4c991fee07
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XHxKvBSXCceqcTCEYrdLtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-XHxKvBSXCceqcTCEYrdLtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 21:38:10 GMT
expires
Fri, 30 Dec 2022 21:38:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 9753 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=436112790262561&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 8B47
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=kJ5XgXxaaXFEUllrbVFBTm9BTG5mOFMvUG1sWlU2YnJPV0JpbUFTV0wyREE2TlNQMmJMRlZBV3YzQ0c3WXQvdVd0biszaUF5QmQ3cWZoQXdVME90enJJNUlNUlVqRnhmVS8yaWVXaVJXellCbGxNdW80YkZxZDNlUytRck...
428 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kJ5XgXxaaXFEUllrbVFBTm9BTG5mOFMvUG1sWlU2YnJPV0JpbUFTV0wyREE2TlNQMmJMRlZBV3YzQ0c3WXQvdVd0biszaUF5QmQ3cWZoQXdVME90enJJNUlNUlVqRnhmVS8yaWVXaVJXellCbGxNdW80YkZxZDNlUytRckYwTDdIT1hKYi9qL25nV3VLajNURlJWcGg3MjBpSnErMUFXVjhYa29TWE0wK1NrcXVucXo3R1lCSnhMMWc1SGdWZnVPMnp5WGlPRlhtNVFwY3g4WDJtcmU5TXByd1l0UzQ0VlA1czk5aE5Jb2hoTFZVOHJLZkRsZHJtbHZ0WFBqMHdhNFIxQTJYK0dKNlE0Q0dnOHNhVzltSGlPZXlLdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1323e01e95e85e9077df1d37116b2efe5ce6c41a60de9adf46667dd0f0067dc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2326080
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=kJ5XgXxaaXFEUllrbVFBTm9BTG5mOFMvUG1sWlU2YnJPV0JpbUFTV0wyREE2TlNQMmJMRlZBV3YzQ0c3WXQvdVd0biszaUF5QmQ3cWZoQXdVME90enJJNUlNUlVqRnhmVS8yaWVXaVJXellCbGxNdW80YkZxZDNlUytRckYwTDdIT1hKYi9qL25nV3VLajNURlJWcGg3MjBpSnErMUFXVjhYa29TWE0wK1NrcXVucXo3R1lCSnhMMWc1SGdWZnVPMnp5WGlPRlhtNVFwY3g4WDJtcmU5TXByd1l0UzQ0VlA1czk5aE5Jb2hoTFZVOHJLZkRsZHJtbHZ0WFBqMHdhNFIxQTJYK0dKNlE0Q0dnOHNhVzltSGlPZXlLdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
642340
content-length
0
expires
0
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 60FB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 12:26:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 60FB 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fXM7EQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 8880 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
unip
trc-events.taboola.com/1245572/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=4665&scd=9&ssd=1&est=1672436286055&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1672436290720&vi=1672436286053&ri=2fa96b367b2bab35add0b6e384543a82&ref=null&cv=20221227-23-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
da6bff16abf6dd0721d4263242a3c7fbf250fda94478e27cb2fa51b1606bbc56
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:10 GMT
AN-X-Request-Uuid
398f4d56-2ece-49fa-a8c4-e29b78ec1011
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		405 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=%2F26225854%2C43010785%2Fwalla%2Fwalla.co.il%2F120x600_1&tk_flint=pbjs_lite_v6.29.3&x_source.tid=2cebe48e-13da-4a79-9a5e-19ca6ac3e4d4&l_pb_bid_id=94a2d65e2a7cae1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F26225854%2C43010785%2Fwalla%2Fwalla.co.il%2F120x600_1&slots=1&rand=0.6530983742212997
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
80e39f89cd5882108c301810672c0b794ebd263ac6be1e9f1c9e8b699a5f8445

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
405
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.115.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-115-255.compute-1.amazonaws.com
Software
/
Resource Hash
8acea189440ca758096d34efbac6b01b66ba384542706310095096d73cf03b5f

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.walla.co.il
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:10 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 30 Dec 2022 21:38:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		95 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b29b9120f977d46a7115243a5f22a644370645add5471ab0a0874c8a919c8ad1

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Dec 2022 21:38:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		181 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
587887c0af687504409ea21161335adb13832d9e98d977b037f0547e2504a029
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
181
expires
0
prebid
mp.4dex.io/ 		114 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c27a2afdda581624d06861da83a71edaa9e25b23434fce3832d1c0e636cb6d9

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 30 Dec 2022 21:38:11 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
781debc2b95a9b49-FRA
expires
0
/
prebid.smilewanted.com/ 		0
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
781debc2bc1a6925-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=6.29.3&cb=94951743323
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
da6a082635c84b9c2ca04a9c1580d3d0ba44b9f01a2e79eb2b426cd1a267198a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1806
arj
u.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2cebe48e-13da-4a79-9a5e-19ca6ac3e4d4&nocache=1672436290994&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600&divids=%252F26225854%252C43010785%252Fwalla%252Fwalla.co.il%252F120x600_1&aucs=%252F26225854%252C43010785%252Fwalla%252Fwalla.co.il%252F120x600_1&auid=544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
527fd15d33cf3915f7c21e5f9e1b6d85b4727e76a4c8604907d011409aea9fc9

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
45c2a71dac80c6030a1d0f7c9c51b558d7097e1667119d82275c676a73720c1e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:11 GMT
AN-X-Request-Uuid
b76c1ff2-eaf8-413a-bf59-d55ba6a96683
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221156ea3301da29aa%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22domain%22%3A%22walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22116fa3713beed94e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F26225854%2C43010785%2Fwalla%2Fwalla.co.il%2F120x600_1%22%2C%22gpid%22%3A%22%2F26225854%2C43010785%2Fwalla%2Fwalla.co.il%2F120x600_1%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50305d802e4bbbe3be1b7026e18e2ff73193b73177717a6df3b413d16ed4c9f

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ap6k1tI3YY4N0arpSLhmFoM5BaGRQuTlm0eRCEh41OufYzoA%2Fnl6FVPezx6CptBKCaROUnjhu5irJxzP2PnT9nuKjup6wfO1q6EUMnZO14HWqIpIU9PpuelwrifDLvfN2Mn2sBHV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
781debc2bcb32bfc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
auction
tlx.3lift.com/header/ 		19 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.162.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-162-40.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:11 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
events
bidder.criteo.com/csm/ 		0
216 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		699 B
799 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=DE
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8971281a65a5c8449db58c95a1c50cfc9b4271f431c055aa97854199670a0003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=436112790262561&bg=!MzClMHTNAAYgquz3AKo7ACkAdvg8WrlBwEt4yDnFrseRYO94G5kiU_9N2ycazOWe_F3M_ZkPpPtsngIAAABSUgAAAANoAQcKAKO7A2cszCTEE3InokDCXfVEUA0P45L-0pznUwvkrSI-90B3eT0TfyB807ZQ2mMZZgTB3HTZMs0Ks4t-EwHv7KmAiJ91T63cJxw0VYwx6bhQs3W46tIi4puQvfit19xbmSVFhQXkSadByeIUMBu9wKVUtLbhTIy_4TKI2b8eJ10VxD73N-7NplH26e61Yxv4HMJddDx9UhpajLCO7Ff7IdbDovobmQKqlccSUTcvPDsfNBza_om9zG93cF3lW9wa-VIUPVjk863OYRjCTaD22Rj3UGq_KIuDA8rX-c3RznBqlbx32qxC8TPvYP1jNXdHSXEgLmSurlxcZFeOJ-bRUa4vI_dZcAsecYALsfOxylY_Ntfw6lvOhgTs_F8LBMN6G4CuWD7H02yoZJLUgO3WofIsYYHIg4mUSDCph5u6DfWqZQdkvO4q80mwqsarkNicBHq2AsoREsv6AOOe2kPM9OUyv_OHW7O5yGcSj6Ud815MrBI5aiQ_qmkF5BV-e49rSuO7dD14ieEUDhN630r16qK9WpV8Hr9ComOOz_dhmRcl26-44LWJxTAjbqh-O3IZxv5tyU6RwPKq7eF68R4CNpFTSxRIJpEEXbdwbX6LslnKWUo3Oe7-NWK5_xM7xXb9QMHNipjmlNdUOF31uIP3yoR12l9AZSV_A4IC1yLqPYM_oBixXxi8n_YVDxclw17XU3CXWipRhRvYhl8hb0TAQd6dbAVLfpHuEtwC_dXMSi-qK1TfyQRFY4lJktbf-t2LMuArbdaRkQIjPG5f1V9jRoYgD_y1MKiep4IuYXs6WlXfZen8Uelyimj3M7UXfUA3tH-iexp04h9RwbS6C6_pLkU2ey4C6JSk_wsHITu0qWyL_K6gBHtBu9ufJ1iw1oZU6dBe8qlqTsBRTdOP2YyXI7YuoK167L1TfplXK0lQOQfQrKaP6_ulApkB6e8gOcVW2zGrA78Ns1Qj6of-mTbxGkcUI-oLO8vMewuH3TYdZUxKgVVdUZs0QSnMRo5RYYfSmqWhS2midtAXzLQh3euVfUP2CM5qIMnjtlJgEeCcL_njz8SMioOwRrWT7iit6HUcfEcqPu0ECWCK0YQoGF5Mxp2654Df0XDUU3RxAIOYqJqxJQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 30 Dec 2022 21:38:11 GMT
server
Google Frontend
x-cloud-trace-context
7b017e5eb82f08d0695f52ea38f7043d
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
x-request-id
d9a7d36b-1480-4785-960f-fa5de2f0d28e
x-vad-version
0.9.13

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
308ed2b2ca7db6ca7dd4cb916f3d8a8f
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		60 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=436112790262561&correlator=58476936200760&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=26225854%3A43010785%2Cwalla%2Cwalla.co.il%2C120x600_1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C120x400&ifi=21&adks=210931426&didk=676898014&sfv=1-0-40&prev_scp=vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D9db47363-1d69-41bc-b1c6-cea3de53c290&eri=1&cust_params=permutive%3D%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26host%3Dwww.walla.co.il%26path%3D%252F&sc=1&cookie=ID%3D0176f1992b1f8560%3AT%3D1672436287%3AS%3DALNI_MZZbRm9OcBXKB6atLfJb6N-nL9O7w&gpic=UID%3D00000b9af692e851%3AT%3D1672436287%3ART%3D1672436287%3AS%3DALNI_MbdjbA2ZTvbdMJCmIqQjFEj-GKGVQ&abxe=1&dt=1672436291123&lmt=1672436291&dlt=1672436284301&idt=703&adxs=1479&adys=551&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=l&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0&msz=120x0&fws=132&ohw=2&ga_vid=1852875319.1672436285&ga_sid=1672436287&ga_hid=61718290&ga_fc=true&ga_cid=1693097556.1672436285
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1e38bf5cb339abf83cf9662a20e03d36b135885896fb3a9ada58a973b15143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12595
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 88C6 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 88C6 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 88C6 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:06 GMT
age
172925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:06 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 88C6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 88C6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 21:36:05 GMT
age
172926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 21:36:05 GMT
css
fonts.googleapis.com/ Frame 88C6 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 21:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 20:53:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Dec 2022 21:38:11 GMT
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 88C6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 18:59:43 GMT
x-content-type-options
nosniff
server
cafe
age
9508
etag
415739381108731362
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2712
x-xss-protection
0
expires
Sat, 31 Dec 2022 18:59:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 88C6 		344 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:36:06 GMT
x-content-type-options
nosniff
server
cafe
age
125
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 31 Dec 2022 21:36:06 GMT
l
www.google.com/ads/measurement/ Frame 88C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYHjaFFJVPI40K7eLwYGtHbL5IhYmIi9qsH2N8pSincWlZdcM-aopkEXXbu0FeQmGb8FmqRUgIdbcwM77MJo5zHGpG_w
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 88C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrVVzQ1qvY4TXCvWQlQek7qmwCpucj_tt0fSvyboOi67z5fUKEAEg1uWlH2CVkpaCqAegAbn6n9QDyAEJqQJbjMVdpVOiPuACAKgDAcgDCqoE9wFP0Feqo2F8U4HVGLAI8Mgwsz7B9AMBEEQCs8kfyzlgOHAFinw8xq1tUYbeNSJM8trheayLFeAQ7Y3oqE7GOLVMLOIfBJeOi1grtf_7mnLAdnelVrfWxHVSavmHWk6yt4czOQGpSOKPArfs04v-J8VkeB56647U2051ek8fkk717qtEsNwjUhwQjwQ19l2X_tdsi-k2BBf51pZbGEkm3W53E6I_kUMO9IJPRbazLKpC3ikwpoTH0ro0tPgZuoqitDklqifJnrE8-Ysh2f-2xfruWH0YqsVchE_VNL4tVQkeAmkygJopnr1Jq6FppeY1ZxGvo9za336AwASwo-GP8gPgBAGSBQQIBBgBkgUECAUYBKAGLoAHr4XgK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPqRDtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMMiBQH0BUBmBYBgBcBshceChwIABIUcHViLTkzMjg2MzM2MDQ0Mzk4NjMYrqMW&sigh=hBGfx6Sy4QQ&uach_m=[UACH]&cid=CAQSOwDq26N9F9rWHYqbrcJZCP6QDfI22qauka8KWWLUiKgxageh1l84pdcaGNLxVrqGSvsCHgBSCgDoT95mGAEgEw&template_id=5000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/10762980903474375328/ Frame 88C6 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10762980903474375328/14763004658117789537?w=195&h=102
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4798ef674ebf7b86cd9b8e74691c1332645471f310140ddd24d39fecdc8ce84d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 10:54:04 GMT
x-content-type-options
nosniff
age
384247
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5798
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 06:18:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Dec 2023 10:54:04 GMT
truncated
/ Frame 88C6 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 88C6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 88C6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f9c02f8f2199abde66afc3835db6a47ac2f19e893079c68bb4fa62a1041e120

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/png
cri
match.prod.bidr.io/cookie-sync/ 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dRsoeWV8lMkI4T3h6JTJGNUN3ZGpWam03VTJjTnl6d1pCUllVJTJGN0pIZFRjZVpGeHV4WW5ZJTNE%26u%3d%24%7bUSER_ID%7d&gdpr=false&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.188.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:11 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=C8cXxV9ZdWwwTlR0TnglMkZxU1RHd01PUEUlMkZtZklJeGlTRUI2WVZVVjZGWFZEQ3h1cyUzRA&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-e4sYixNr6qL_1kAarGcO...
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=C8cXxV9ZdWwwTlR0TnglMkZxU1RHd01PUEUlMkZtZklJeGlTRUI2WVZVVjZGWFZEQ3h1cyUzRA&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-e4sYixNr6qL_1k...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=criteo&bsw_custom_parameter=751306bd-d7cb-4065-8aec-cc39e25540bc
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=criteo&bsw_custom_parameter=751306bd-d7cb-4065-8aec-cc39e25540bc
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9259b876-b36e-4188-8842-7c512836878d&ssp=criteo&expires=30&user_group=5&bsw_param=751306bd-d7cb-4065-8aec-cc39e25540bc
  • https://ssp-sync.criteo.com/user-sync/match?p=C8cXxV9ZdWwwTlR0TnglMkZxU1RHd01PUEUlMkZtZklJeGlTRUI2WVZVVjZGWFZEQ3h1cyUzRA&u=751306bd-d7cb-4065-8aec-cc39e25540bc
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=C8cXxV9ZdWwwTlR0TnglMkZxU1RHd01PUEUlMkZtZklJeGlTRUI2WVZVVjZGWFZEQ3h1cyUzRA&u=751306bd-d7cb-4065-8aec-cc39e25540bc
Protocol
H2
Server
2a02:2638:1::2d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:12 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
//ssp-sync.criteo.com/user-sync/match?p=C8cXxV9ZdWwwTlR0TnglMkZxU1RHd01PUEUlMkZtZklJeGlTRUI2WVZVVjZGWFZEQ3h1cyUzRA&u=751306bd-d7cb-4065-8aec-cc39e25540bc
date
Fri, 30 Dec 2022 21:38:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dvYpjv19lUXRhck5Kc3clMkJkQWswS1JSS0QwREU1cGEyb0NJVWJKMnYzZVFZQmNEd3MlM0Q%26u%3d%3cTUI...
  • https://ssp-sync.criteo.com/user-sync/match?p=vYpjv19lUXRhck5Kc3clMkJkQWswS1JSS0QwREU1cGEyb0NJVWJKMnYzZVFZQmNEd3MlM0Q&u=c6bde626-ddf0-44c5-9dfb-8fd977a9fcf0-tuctaa8dfc3
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=vYpjv19lUXRhck5Kc3clMkJkQWswS1JSS0QwREU1cGEyb0NJVWJKMnYzZVFZQmNEd3MlM0Q&u=c6bde626-ddf0-44c5-9dfb-8fd977a9fcf0-tuctaa8dfc3
Protocol
H2
Server
2a02:2638:1::2d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:10 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=vYpjv19lUXRhck5Kc3clMkJkQWswS1JSS0QwREU1cGEyb0NJVWJKMnYzZVFZQmNEd3MlM0Q&u=c6bde626-ddf0-44c5-9dfb-8fd977a9fcf0-tuctaa8dfc3
date
Fri, 30 Dec 2022 21:38:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13966
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 88C6 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 20:38:02 GMT
x-content-type-options
nosniff
age
176409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 20:38:02 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=MVx0UnxqM2pTTWFMNW8rdisvZ0pEbzdCYnRnaE9CbFBMQ2d2aldqSHE0c0hxVjQrWkZHMHEvZCsvTWtlU0FaMmlXdWxGWlNtRWlOWUxTRUhSbnU0UVZlUXJjdzR6aXZ6MlNYY0s2VlFzWHRHT1BTRW9TNVhUZVhPWnk3K3...
410 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=MVx0UnxqM2pTTWFMNW8rdisvZ0pEbzdCYnRnaE9CbFBMQ2d2aldqSHE0c0hxVjQrWkZHMHEvZCsvTWtlU0FaMmlXdWxGWlNtRWlOWUxTRUhSbnU0UVZlUXJjdzR6aXZ6MlNYY0s2VlFzWHRHT1BTRW9TNVhUZVhPWnk3K3ozRnBqd21SandFUWU3R3I4bDFmWDRjS3VKam5lM3oxV1FWZmNpZlZpdmNscmdVdmtBYWkyQWxnUXk0ditpSlpYTUQwWjNVVng4dzZZYUZBTXBEUW5XSTF1REJPTFVqUjdoOXRoSHc0dUJUWlYrYXRmQ3daVlc4VGVSbVhvUkN5V3ZyN1VUVEVOMzd2WElhRFpzb3d0R29WWXM2R1pOUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98ae9607014f51d14e047c1edc1b0a73c4a6777615ffa1ae75fb8c6113dc9343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1381037
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=MVx0UnxqM2pTTWFMNW8rdisvZ0pEbzdCYnRnaE9CbFBMQ2d2aldqSHE0c0hxVjQrWkZHMHEvZCsvTWtlU0FaMmlXdWxGWlNtRWlOWUxTRUhSbnU0UVZlUXJjdzR6aXZ6MlNYY0s2VlFzWHRHT1BTRW9TNVhUZVhPWnk3K3ozRnBqd21SandFUWU3R3I4bDFmWDRjS3VKam5lM3oxV1FWZmNpZlZpdmNscmdVdmtBYWkyQWxnUXk0ditpSlpYTUQwWjNVVng4dzZZYUZBTXBEUW5XSTF1REJPTFVqUjdoOXRoSHc0dUJUWlYrYXRmQ3daVlc4VGVSbVhvUkN5V3ZyN1VUVEVOMzd2WElhRFpzb3d0R29WWXM2R1pOUT09fA&cppv=2
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
346319
content-length
0
expires
0
sync
eb2.3lift.com/ Frame 9A04 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 30 Dec 2022 21:38:11 GMT
/
csync.smilewanted.com/ Frame 0615 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b7fcf7d9b3b6406eb6246d1a5e5d644f5dace02bcaca1f17cfe2ef406d073d

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debc75cc96925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:11 GMT
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 8ACF 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 30 Dec 2022 21:38:11 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame BACE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 30 Dec 2022 21:38:11 GMT
ETag
"623de86a-cf34"
Expires
Sat, 31 Dec 2022 21:38:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 19AA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Dec 2022 21:38:11 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9EA9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50366
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 30 Dec 2022 21:38:11 GMT
expires
Sat, 31 Dec 2022 11:37:37 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Dec 2022 21:38:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
363193
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 221B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50366
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 30 Dec 2022 21:38:11 GMT
expires
Sat, 31 Dec 2022 11:37:37 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F784 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 30 Dec 2022 21:38:11 GMT
ETag
"623de86a-cf34"
Expires
Sat, 31 Dec 2022 21:38:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2800 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 30 Dec 2022 21:38:12 GMT
ETag
"623de86a-cf34"
Expires
Sat, 31 Dec 2022 21:38:14 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AABD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 30 Dec 2022 21:38:12 GMT
ETag
"623de86a-cf34"
Expires
Sat, 31 Dec 2022 21:38:14 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame CA40 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 30 Dec 2022 21:38:11 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame 6B14 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13421168
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 30 Dec 2022 21:38:11 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
/
onetag-sys.com/usync/ Frame 32AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1672436291093
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame D69C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1107
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
781debc79c229043-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:11 GMT
expires
Sat, 31 Dec 2022 01:38:11 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame FFE4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1107
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
781debc79c259043-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:11 GMT
expires
Sat, 31 Dec 2022 01:38:11 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame FA25 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b7fcf7d9b3b6406eb6246d1a5e5d644f5dace02bcaca1f17cfe2ef406d073d

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debc75cca6925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:11 GMT
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 0239 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 30 Dec 2022 21:38:11 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame F873 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1672436287773
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
beacon
ap.lijit.com/ Frame F9A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13421168
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672358400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 30 Dec 2022 21:38:11 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 21:38:11 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 9EA9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2974866&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d9108ebdd9d5303463021dda6297c7ce58006830c6e90c7d36e7afb2d5db2168

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 30 Dec 2022 21:38:11 GMT
content-length
1809
content-type
text/html; charset=UTF-8
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L30GH6X3WK&gtm=2oebu0&_p=61718290&cid=1852875319.1672436285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&sid=1672436285&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oebu0&_p=61718290&cid=1852875319.1672436285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&sid=1672436285&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=MVx0UnxqM2pTTWFMNW8rdisvZ0pEbzdCYnRnaE9CbFBMQ2d2aldqSHE0c0hxVjQrWkZHMHEvZCsvTWtlU0FaMmlXdWxGWlNtRWlOWUxTRUhSbnU0UVZlUXJjdzR6aXZ6MlNYY0s2VlFzWHRHT1BTRW9TNVhUZVhPWnk3K3ozRnBqd21SandFUWU3R3I4bDFmWDRjS3VKam5lM3oxV1FWZmNpZlZpdmNscmdVdmtBYWkyQWxnUXk0ditpSlpYTUQwWjNVVng4dzZZYUZBTXBEUW5XSTF1REJPTFVqUjdoOXRoSHc0dUJUWlYrYXRmQ3daVlc4VGVSbVhvUkN5V3ZyN1VUVEVOMzd2WElhRFpzb3d0R29WWXM2R1pOUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Dec 2022 21:38:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
555748
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 0615 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
3044076
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
781debc82e4f6925-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame FA25 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
3044076
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
781debc82e516925-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usync.js
eus.rubiconproject.com/ Frame 19AA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e98c04ea06111d883b1c55930474123f6630872bd5bf5cbd5553313c0d1d21b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 21:38:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Dec 2022 11:57:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51522
Connection
keep-alive
Content-Length
10067
Expires
Sat, 31 Dec 2022 11:56:53 GMT
async_usersync
ib.adnxs.com/ Frame BACE 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:11 GMT
AN-X-Request-Uuid
bf2b375a-88ad-47e8-9058-c77e405b8950
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 08DF 		0
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debc89efe6925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:11 GMT
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 8BDD 		0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debc8af1f6925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:11 GMT
server
cloudflare
vary
Accept-Encoding
v1
match.sharethrough.com/universal/ Frame 019E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.251.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-251-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
v1
match.sharethrough.com/universal/ Frame 7D15 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.251.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-251-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 30 Dec 2022 21:38:11 GMT
smw888.gif
us.ck-ie.com/ Frame 3507 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 7240 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
nginx
rubicon
match.adsrvr.org/track/cmf/ Frame 19AA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 19AA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCMURVM1MtMi0xUDc4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCMURVM1MtMi0xUDc4
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCMURVM1MtMi0xUDc4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 19AA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGQ2ZTkxNzcyZWE4MjQ2ODFjZjAxNWNkMmQzNjBmYjNjZGM0YjU1Zg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGQ2ZTkxNzcyZWE4MjQ2ODFjZjAxNWNkMmQzNjBmYjNjZGM0YjU1Zg
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGQ2ZTkxNzcyZWE4MjQ2ODFjZjAxNWNkMmQzNjBmYjNjZGM0YjU1Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 19AA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Sk5p-aU8Q9mSShpaubdUEA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Sk5p-aU8Q9mSShpaubdUEA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Sk5p-aU8Q9mSShpaubdUEA
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
35R38G7Q4AA3QG9TNFZC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Sk5p-aU8Q9mSShpaubdUEA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame 19AA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H15ZQDCYPWZ7Z02XNPNV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 19AA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/e7vay6dKQljGQFeggAG9rQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pO897ypE2oJdccx41EjC9fcMX7pfF3MiQtf1NQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pO897ypE2oJdccx41EjC9fcMX7pfF3MiQtf1NQ--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 30 Dec 2022 21:38:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pO897ypE2oJdccx41EjC9fcMX7pfF3MiQtf1NQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 19AA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCB1DU3S-2-1P78
0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCB1DU3S-2-1P78
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:12 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: EDBA9F87333B4001BB249A12F46F25A9 Ref B: FRAEDGE1209 Ref C: 2022-12-30T21:38:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxEmsg7CnHCCoETRFK8Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCB1DU3S-2-1P78
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 19AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECJcDA6GGKVCfnM1J2V8LN0&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECJcDA6GGKVCfnM1J2V8LN0&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECJcDA6GGKVCfnM1J2V8LN0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mePzQPnS5M0kUWiLFV3a
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 826C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
0
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debc958786925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 30 Dec 2022 21:38:12 GMT Fri, 30 Dec 2022 21:38:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
pragma
no-cache
usermatch
ssum-sec.casalemedia.com/ Frame 3EF5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1f8fc00e99e1f05a8b4504c0beed678153b8471a87daec069db40ef14ee5db

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
781debc98bae92b9-FRA
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 21:38:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1jmUZN1Rkg89y5ZHyBSAR%2FKJOTm5YiCVusamw00Fwn2WIUU9m2DsNmNN3I2mdMMtnqaYP8lOHzh5rQfgg%2FTLttOsIVnxiwKsOOepe7qXu3onnviyzwG2cy1FnmKOr0IN9iy0luVJbiypQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
mePzQPnS5M0kUWiLFV3a
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 23A8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debcafb0c6925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 30 Dec 2022 21:38:12 GMT Fri, 30 Dec 2022 21:38:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mePzQPnS5M0kUWiLFV3a?pi=smilewanted
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 1726
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
803b4dc7-4a90-4ab4-883f-c314427fbf98
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Dec 2022 21:38:12 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debcafb066925-FRA
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame 512C
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
3c53a613-f8b2-42d0-9ef5-31e0b451131a
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Dec 2022 21:38:12 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debcafb0a6925-FRA
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=72d6baf2dbfce362cb8761567db15645
server
cloudflare
async_usersync
ib.adnxs.com/ Frame 2800 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
AN-X-Request-Uuid
7e718d81-bc54-4c67-a10c-75f2997cc706
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
connectmyusers.php
cdn.connectad.io/ Frame 8BE0 		1 KB
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
781debc9ee812be4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
dcm
s.amazon-adsystem.com/ Frame 3EF5 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BRCSM8PD360904NFFXBB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3EF5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3gkf2HccwjU6MX6ZSyug20dd%2BSDKgWefVdwizy0P%2Bftgmidt5KQevD%2B27x05ULSvDChnZo22SzpJrsbGigW6RtB6R5KGEUqa0rBHPshW4MVDwn8eCG33eL%2BgvjH5HXmOy3jGWWdH5eV2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
781debca2c8a92b9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3EF5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y69aQU9woO92CHfmlFe-iAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENec40JuuWqpkKibMM_VS6w&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENec40JuuWqpkKibMM_VS6w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENec40JuuWqpkKibMM_VS6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3EF5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
connectmyusers.php
cdn.connectad.io/ Frame 6CF0 		1 KB
834 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
781debc9ee7f2be4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
crum
dsum-sec.casalemedia.com/ Frame 3EF5
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688161092&external_user_id=469215f7-9f14-4d3f-81e9-017812dc2c0f
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688161092&external_user_id=469215f7-9f14-4d3f-81e9-017812dc2c0f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Fri, 30 Dec 2022 21:38:12 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688161092&external_user_id=469215f7-9f14-4d3f-81e9-017812dc2c0f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ie
match.prod.bidr.io/cookie-sync/ Frame 3EF5 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.188.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3EF5
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=ceda2709-da60-4d14-859b-96c1cedabdb0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=ceda2709-da60-4d14-859b-96c1cedabdb0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=ceda2709-da60-4d14-859b-96c1cedabdb0
date
Fri, 30 Dec 2022 21:38:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 3EF5
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822944238769
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822944238769
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822944238769
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3EF5 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y69aQU9woO92CHfmlFe-iAAA%261153
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:12 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
85500
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
781debca5cc1915e-FRA
content-length
43
expires
Sat, 31 Dec 2022 21:38:12 GMT
async_usersync
ib.adnxs.com/ Frame AABD 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
AN-X-Request-Uuid
060eae15-9ee9-445b-a3ec-50644d72cd70
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.smilewanted.com/set_partner_userid_get/smart/ Frame C349
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debcbbc1c6925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 30 Dec 2022 21:38:11 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/
/
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 2436
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debcbdc5d6925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 30 Dec 2022 21:38:12 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/
1
sync-eu.connectad.io/syncer/ Frame 6D3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
781debca4f142be4-FRA
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
sync.php
pixel.rubiconproject.com/exchange/ Frame B6A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
sync.php
pixel.rubiconproject.com/exchange/ Frame C3BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
usermatch
ssum-sec.casalemedia.com/ Frame AC5F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9318e754aec692905f8c38714bcf50c879be98649dfba0c8860c9f048968e79

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
781debcaad4292b9-FRA
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 21:38:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py%2FoTupq36Phc2ayoZKh6v%2BSrtsyQyEUdRzJH3GOQg79N3AIAKsFHJHtIctt6oSGrIXdjCHQ6HKAxxTwyuQA80b7MvBCDTTxrY58WEF8BYzvN7HrKE9t%2FXmXi%2B%2FDGTN%2FhlLNnb9tykVygQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Y69aQU9woO92CHfmlFe-iAAA%261153
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame ABFA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
0
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debcb0b2c6925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
781debcacd6592b9-FRA
content-length
0
date
Fri, 30 Dec 2022 21:38:12 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsD7jT6G2Funov0iypXT0Avbju6c%2BA6FeMuQcueT2S1nO8Xw5eA6XVbteXEpOw%2FOPCk%2BpCeh9jINoFVxILEmubtpCCrI%2BKKJlSGWIm3Ynod85BITwEVyZ3OKsM9L7LZS2c02U4ZNEIlp5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Y69aQU9woO92CHfmlFe-iAAA%261153
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame F961
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debcb0b2f6925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
781debcadd7a92b9-FRA
content-length
0
date
Fri, 30 Dec 2022 21:38:12 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y69aQU9woO92CHfmlFe-iAAA%261153
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlWalaivFYimzkbUnG9iVizVK7q6UKa4cOsiKtPhYrBmi3yWpjXWyr2uB7faG9B8e8f6Yjs8cI3mM1rcfaq94mScsTpbExNYZLHk7ZWMuj4tm8H7D%2Bfxmy3rxjWdkV%2FygubwOW1rhkEKXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Y69aQU9woO92CHfmlFe_iAAABIEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AC5F 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y69aQU9woO92CHfmlFe_iAAABIEAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:4379:fd12:b154:f230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame AC5F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3200286950011710416
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3200286950011710416
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 30 Dec 2022 21:38:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8143c56b-c77d-42ec-8ce3-cad3e5ae6ff3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3200286950011710416
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y69aQU9woO92CHfmlFe_iAAABIEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AC5F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y69aQU9woO92CHfmlFe_iAAABIEAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y69aQU9woO92CHfmlFe_iAAABIEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:4379:fd12:b154:f230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y69aQU9woO92CHfmlFe_iAAABIEAAAIB
date
Fri, 30 Dec 2022 21:38:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame AC5F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y69aRAAIACecsAAF
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y69aRAAIACecsAAF&_test=Y69aRAAIACecsAAF
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y69aRAAIACecsAAF&_test=Y69aRAAIACecsAAF
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220027-HHN
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1672436293.640128,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y69aRAAIACecsAAF&_test=Y69aRAAIACecsAAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame AC5F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y69aQU9woO92CHfmlFe-iAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENec40JuuWqpkKibMM_VS6w&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENec40JuuWqpkKibMM_VS6w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENec40JuuWqpkKibMM_VS6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AC5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y69aQU9woO92CHfmlFe_iAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMVxhTKDZLTcqI5oYTSBH9ReOO%2FLTItAWyYNv7pytV8Xjv5Sg13YXxcd85aSW%2BasssCEtfliOVa%2FL5UPrjair9hdY6H7zR04rqWLYTHsYTKKNQovtN%2BHu4bu3kWuMvLec9FQ4XBaCBT3yw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
781debcb3e1792b9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOAsyJui5utUQI4H_HD2_U0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame AC5F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3200286950011710416
43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3200286950011710416
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFx47EWJpiBUgn0BNXrSYXdIA84QQjkezjyiIAXYrCOmwtO5jCA9EWHUwGMsbvR%2Bj3MyGtd8LDM9FWNha6oASaps8nqTY5LjDGyz1RkFcky38%2FCkzqbjugS8IbSu99A5z43deYeE"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
781debcd0d7d2bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 30 Dec 2022 21:38:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c6919ac7-3114-4e85-bf2e-ec02d20b0a1e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3200286950011710416
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AC5F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=DUEaSw4TTxkWR00YDxRWHgIQTUwWShkYC0rpTi2D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=DUEaSw4TTxkWR00YDxRWHgIQTUwWShkYC0rpTi2D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=DUEaSw4TTxkWR00YDxRWHgIQTUwWShkYC0rpTi2D
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame AC5F 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y69aQU9woO92CHfmlFe-iAAA%261153
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:12 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
85500
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
781debcaedc8915e-FRA
content-length
43
expires
Sat, 31 Dec 2022 21:38:12 GMT
42f38542-888a-11ed-9de6-1fe3cd8f0306
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame EE10
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=42f38589-888a-11ed-9de6-1fe3cd8f0306
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/42f38542-888a-11ed-9de6-1fe3cd8f0306
0
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/42f38542-888a-11ed-9de6-1fe3cd8f0306
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debd359466925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:13 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Fri, 30 Dec 2022 21:38:13 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/42f38542-888a-11ed-9de6-1fe3cd8f0306
Server
nginx
X-fe
115
42f66c10-888a-11ed-821d-10a0cca80206
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 48D2
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=42f66c63-888a-11ed-821d-10a0cca80206
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/42f66c10-888a-11ed-821d-10a0cca80206
0
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/42f66c10-888a-11ed-821d-10a0cca80206
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debd4dce46925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:13 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Fri, 30 Dec 2022 21:38:13 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/42f66c10-888a-11ed-821d-10a0cca80206
Server
nginx
X-fe
87
Pug
image2.pubmatic.com/AdServer/ Frame 9CFF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LFP87S8Bqb83VaroL1CwuCsEpO43Vv--Igbtpp3Q
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LFP87S8Bqb83VaroL1CwuCsEpO43Vv--Igbtpp3Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 30 Dec 2022 21:38:12 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LFP87S8Bqb83VaroL1CwuCsEpO43Vv--Igbtpp3Q
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 171B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7183059161613924504&gdpr=0&gdpr_consent=
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7183059161613924504&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 30 Dec 2022 21:38:12 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7183059161613924504&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 7960
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YdMcV8tfQXFPMBgK8vtrKVFfBSk
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YdMcV8tfQXFPMBgK8vtrKVFfBSk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Dec 2022 21:38:12 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YdMcV8tfQXFPMBgK8vtrKVFfBSk
Pug
image2.pubmatic.com/AdServer/ Frame 2AD4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFNekRVN0hYclVBQUI3V1pTUVpVUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAMzDU7HXrUAAB7WZSQZUQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAMzDU7HXrUAAB7WZSQZUQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAMzDU7HXrUAAB7WZSQZUQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7716669635483849316&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAMzDU7HXrUAAB7WZSQZUQ&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAMzDU7HXrUAAB7WZSQZUQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 30 Dec 2022 21:38:13 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAMzDU7HXrUAAB7WZSQZUQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
p
a.audrte.com/ Frame 9EA9
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-191-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 21:38:13 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 30 Dec 2022 21:38:13 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 9EA9
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=49D7B69C-5C27-4145-96D0-8B5DD56732B7&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=49D7B69C-5C27-4145-96D0-8B5DD56732B7&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=49D7B69C-5C27-4145-96D0-8B5DD56732B7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=49D7B69C-5C27-4145-96D0-8B5DD56732B7&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 9EA9
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Redirect headers

date
Fri, 30 Dec 2022 21:38:12 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
mw
mwzeom.zeotap.com/ Frame 9EA9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6eccaa71490f0634635e99bf840f27da&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=f73fe5a2ee26a5fa
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e7fca00c-6a75-4f3b-5e05-709670f0297b&reqId=e3ceea3d-6eba-451b-6558-041e68cd66fe&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEOEe8K4wL5YcYwU3ftam5Wo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e7fca00c-6a75-4f3b-5e05-709670f0297b&reqId=e3ceea3d-6eba-451b-6558-041...
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEOEe8K4wL5YcYwU3ftam5Wo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e7fca00c-6a75-4f3b-5e05-709670f0297b&reqId=e3ceea3d-6eba-451b-6558-041e68cd66fe&zcluid=f73fe5a2ee26a5fa&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
781debcf78712bf2-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEOEe8K4wL5YcYwU3ftam5Wo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e7fca00c-6a75-4f3b-5e05-709670f0297b&reqId=e3ceea3d-6eba-451b-6558-041e68cd66fe&zcluid=f73fe5a2ee26a5fa&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
49D7B69C-5C27-4145-96D0-8B5DD56732B7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9EA9 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/49D7B69C-5C27-4145-96D0-8B5DD56732B7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:4379:fd12:b154:f230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 9EA9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NwovZclE2uX.Lcnfsh8geDF.8ONMS1E-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NwovZclE2uX.Lcnfsh8geDF.8ONMS1E-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NwovZclE2uX.Lcnfsh8geDF.8ONMS1E-~A&gdpr=0&gdpr_consent=
date
Fri, 30 Dec 2022 21:38:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9EA9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=5d0b7c92-8870-4269-baea-2b140d94808f&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=751306bd-d7cb-4065-8aec-cc39e25540bc&gdpr=&gdpr_consent=&gdpr_pd=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=751306bd-d7cb-4065-8aec-cc39e25540bc&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 21:38:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=751306bd-d7cb-4065-8aec-cc39e25540bc&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 30 Dec 2022 21:38:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9EA9 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9EA9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9EA9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3998449658548754806&gdpr=0&gdpr_consent=&us_privacy=
1 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3998449658548754806&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 21:38:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3998449658548754806&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 42C9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debcdcf866925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Dec 2022 21:38:12 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame DDB2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
781debce58656925-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 21:38:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Dec 2022 21:38:12 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
async_usersync
ib.adnxs.com/ Frame F784 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
AN-X-Request-Uuid
177341cb-98b3-48f7-ac0c-6a60716f9254
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
playlist360p_668400.ts
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame 8E02 		727 KB
728 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist360p_668400.ts
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3cdee4a8a273005f71b5a571614167b0ff546201b78d0907d9677b3324500ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:37:47 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
26
x-cache
Hit from cloudfront
content-length
744104
last-modified
Fri, 30 Dec 2022 21:37:45 GMT
server
AmazonS3
etag
"05eb013421d1421fddaf0ad763b4aa76"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
1clw_gj5mlg_ox_6Qq4s-y1QKdWeHCdsij6FBPiZ-OT9F6Zk_2zxGQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame 88C6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmRtO8SZ2sUbwZFBv-UTnY3ftVKZSy7my7K84Jc3_1k3e76ers989IxjBkvjjCppJqn8OpbWY3JGckQNBwytfSLbXs6_Qrj0ieCjMZTx0ASY2gmPl1OEf6pOkXKiApXI41iQDAEg&sai=AMfl-YSEruYBgkNP8_9bh1CN_LWA81tqlJNXj0zccUXfNc5b41cAvr9gq_XeFihLSH6Ttcr9XN4LlcaP9B6it3aRx4-tzsbFj4y2QAoABHPuVl_Kj4YRHeiu_3nHCntamw&sig=Cg0ArKJSzPv8-GDZFe7cEAE&cid=CAQSOwDq26N9F9rWHYqbrcJZCP6QDfI22qauka8KWWLUiKgxageh1l84pdcaGNLxVrqGSvsCHgBSCgDoT95mGAEgEw&id=ampim&o=1479,551&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=100&tls=1103&g=100&h=100&tt=1104&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playlist360p_668401.ts
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame 8E02 		664 KB
665 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist360p_668401.ts
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e51e8590f72373158461f5932a1fe9428d8ee46a07c6f8d4f1691b14089f7c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:37:53 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
20
x-cache
Hit from cloudfront
content-length
679996
last-modified
Fri, 30 Dec 2022 21:37:51 GMT
server
AmazonS3
etag
"6fa31042e28333f6c68e545fd0d61f1f"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
RRobYIJj-pDYreUh_C51M-3NpyUVXzHQPHE3JTV33wWQTukKo2X6Lw==
async_usersync
ib.adnxs.com/ Frame BACE 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:12 GMT
AN-X-Request-Uuid
6195c160-f5c9-430b-9322-ab304cd2d736
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2800 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:13 GMT
AN-X-Request-Uuid
171b6727-4176-418e-90d2-3323cd7e414a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AABD 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:13 GMT
AN-X-Request-Uuid
fe4a6ac8-42de-4939-a874-8f88f11ae872
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F784 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 21:38:13 GMT
AN-X-Request-Uuid
8ce514d6-d31c-4f97-869c-a4f712c20839
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
s.ad.smaato.net/c/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:13 GMT
cache-control
no-cache, must-revalidate
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
V6dNjopN7_My6b8V6GKEKahz2PTupgtsJN3fm3c08u5RA0EuRvDvOg==
x-cache
FunctionGeneratedResponse from cloudfront
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156701&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=BPk2YaUP...
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&piggybackCookie=uid:2a4964c9-f90a-488a-adc7-...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3200286950011710416
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 30 Dec 2022 21:38:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAA...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=5d3cd8f2-82ae-43af-b12e-67ba2cf5cb2b&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_...
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=5d3cd8f2-82ae-43af-b12e-67ba2cf5cb2b&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:13 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=5d3cd8f2-82ae-43af-b12e-67ba2cf5cb2b&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1
date
Fri, 30 Dec 2022 21:38:13 GMT
server
_
content-length
0
/
b1sync.zemanta.com/usersync/smart/ 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 21:38:13 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=280c7ac6-8685-493e-b444-02e4272237a5&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_O...
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=280c7ac6-8685-493e-b444-02e4272237a5&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:13 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=280c7ac6-8685-493e-b444-02e4272237a5&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:13 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9e03f451-42d1-4b9a-bb2e-cbadf365c8c9&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMDtZTtdpS3Md60acI4T-Rc&google_cver=1&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQ...
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMDtZTtdpS3Md60acI4T-Rc&google_cver=1&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 21:38:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMDtZTtdpS3Md60acI4T-Rc&google_cver=1&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
414
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7183059161613924504&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7183059161613924504&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:13 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7183059161613924504&gdpr=1&gdpr_consent=BPk2YaUPk2YaUApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Date
Fri, 30 Dec 2022 21:38:13 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=61718290&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1852875319.1672436285&tid=UA-4780630-1&_gid=1693097556.1672436285&gtm=2wgbu0T728TH&cd1=1852875319.1672436285&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=231827754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68142
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
playlist360p_668402.ts
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame 8E02 		683 KB
684 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist360p_668402.ts
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb1e66ace9ae93f5a9d17c18afd3f3d700e2b568c084ffcde29e51f035836901

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:00 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
14
x-cache
Hit from cloudfront
content-length
699172
last-modified
Fri, 30 Dec 2022 21:37:57 GMT
server
AmazonS3
etag
"1d47dea37be9df883e5e26d752810575"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
Wc3znRcf7GkRRW1q6hUpe4BLVSs8lz95DC7Dnf7lgkT-AIdusViSFA==
SPug
simage4.pubmatic.com/AdServer/ Frame 9EA9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
playlist360p_668403.ts
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame 8E02 		698 KB
699 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist360p_668403.ts
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25a9bce710eaea3d9954f30708b7e92934403fc7bf5e7869fd911fc4febd0185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:06 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
9
x-cache
Hit from cloudfront
content-length
714400
last-modified
Fri, 30 Dec 2022 21:38:03 GMT
server
AmazonS3
etag
"f9ace06e8d0d0e6c01bb31d3605da63c"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
7JFKH3WqE9renidiwyod2nATFsW7gi-55ITRyLHYeZu-_fpQR-FFsQ==
playlist360p.m3u8
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame 8E02 		528 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist360p.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3334b63647bc4f6e2daa090194bcdd294bbd88202493d17e436d696c3fed6004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:13 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2
x-cache
Hit from cloudfront
content-length
528
last-modified
Fri, 30 Dec 2022 21:38:09 GMT
server
AmazonS3
etag
"2fcde7caa583de67796b80935bb54849"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=3
accept-ranges
bytes
x-amz-cf-id
_oMoEU6mauK5tgXFHawU5PceWezPGSCM6l7lrw7iIPc7x9x_qKWvEQ==
PugMaster
image6.pubmatic.com/AdServer/ Frame 221B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1980629&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e6e66eb30ad598d16c069e57df468700efc6554e758a6d81e637fae4c8f41e80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 30 Dec 2022 21:38:13 GMT
content-length
1941
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 64E1 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 30 Dec 2022 21:38:14 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5CD4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y69aRAAIACecsAAF&gdpr=0&gdpr_consent=
1 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y69aRAAIACecsAAF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 21:38:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 30 Dec 2022 21:38:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y69aRAAIACecsAAF&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220027-HHN
x-timer
S1672436295.854122,VS0,VE0
i.match
a.tribalfusion.com/ Frame 13A0 		43 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
781debdaeb3892b7-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 21:38:15 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame EDBA
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 21:38:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 30 Dec 2022 21:38:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
generic
match.adsrvr.org/track/cmf/ Frame E457
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4361023923
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4361023923
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 30 Dec 2022 21:38:14 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 30 Dec 2022 21:38:14 GMT
etag
RX590e55ef10ee4f2e838d6a7dee6107cc003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4361023923
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame A8AC 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Dec 2022 21:38:14 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-6a578c9bbede@version_1.531
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 9CAE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 30 Dec 2022 21:38:15 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame F4D7 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 30 Dec 2022 21:38:14 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f73fe5a2ee26a5fa/gdpr=0/ Frame D54F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f73fe5a2ee26a5fa/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f73fe5a2ee26a5fa/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7AicPGkHMTYMnVgXnnXUgVMg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Fri, 30 Dec 2022 21:38:15 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.25.130

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f73fe5a2ee26a5fa/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7AicPGkHMTYMnVgXnnXUgVMg
cm
ipac.ctnsnet.com/int/ Frame 92A7 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 30 Dec 2022 21:38:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 807F 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame 221B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e4663af-5a40-4400-a6b6-b7352681f2cc
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e4663af-5a40-4400-a6b6-b7352681f2cc
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 30 Dec 2022 21:38:14 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x29 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e4663af-5a40-4400-a6b6-b7352681f2cc
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Dec 2022 21:38:13 GMT
unip
trc-events.taboola.com/1245572/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=10666&scd=9&ssd=1&est=1672436286055&ver=35&isls=true&src=i&invt=6000&rv=1&tim=1672436296721&vi=1672436286053&ri=2fa96b367b2bab35add0b6e384543a82&ref=null&cv=20221227-23-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Fri, 30 Dec 2022 21:38:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
playlist360p_668404.ts
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame 8E02 		286 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist360p_668404.ts
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:12 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
5
x-cache
Hit from cloudfront
content-length
723800
last-modified
Fri, 30 Dec 2022 21:38:09 GMT
server
AmazonS3
etag
"839654f2ae1f1a983ddb60a8c14e7068"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
Aq6RcsbfbFblQzg4HJpxqLHePbruy9HgF1-VqVRPoYoEa7nL8Y0Xnw==
SPug
simage4.pubmatic.com/AdServer/ Frame 221B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:38:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.eu.criteo.net/ Frame 33D9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=NOgb1CUfU-nAphLjXyjKTVz0-8rktmwhFpR8-i2B8yxqQq7XAPjVRj12L4fH3zFhwcs5zh_ZUflE1ttHUEL-62wDYT6IJWNa7NSlu6n02-djvuKH4k6QsRIHk_cAy6X4HuO96Lhsbuu8EF83l58xKx-s8eq91dipcLwbewa5KKznaBBSOU5wbDaITj-9url6VG7V1f_iiPk6ZmdiAhcGuE77GvzfdEfvVAna6cXfs-80Hi9AnEcO6ZcE0kPjuvFYd2dEiQ&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y69aQAAL8WkH_Z_HAAXyArz7VA3B4vuUR9XS0g&u=%7CBmchkXkdLVVpZzLPTdT2dVhfm2GDfMvHnk1eTiCz%2FN8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE3eiakwChf67R-96NilKK0XiAoqXkQyhrvazeb8FlBwpL0rbxRWIPhFXR8yRGd5zMfFjbglv1RC62miaGTWCQWcKnZFiMArYiZqxCuY4gOw2yCdy7Cjl9Tb65Nc4FMvtPANzQcj8dhao8wvgDJLLBjISCWZrLZ6utR6fZ5XjnFL6V_sNWeXdcNx73h-AMGGczucuN44yEQlHe9KqKodbK4LlUHzSDtCtMYinohf3rMEPMIMl-KOytmNJWiys58bvOITXqyHpQnx1O71wi4H79T2uwpdpKmPQmLNu58M5DB_ZK-arSzj7Xln80ZKn5w4yGWcQuBPoJIoLtsxfhJhdgX8F1bUCbZio5DQu-7A2RIiiOM0yEl1L0SBnM34s35JYx4icdWafTeIrfj3_2-UNJfqGwC2p9POy2XddUBlB3URifaScyoJK99xmMB79p8dEyLMm2bgugDnJMBd1pMMc4wwcJL20f-3lj6gx4QHYWfrVajWdAiQbvx7TdrOE6AQpeDXKG2wYus6x5kaP8MhU_A_3VeYcVlXOVM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuVuQFqvY-niL8e_9u8PguSXsA7JntKxXJWil_dwwI23ARABIABglZKWgqgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpArd0nGoC57E-4AIAqAMBqgT9AU_QA9nkUtsJkUa4bcn4OUIJzIIo65aNO4wEt9USEjLalVRhMoxsQOcQWb4EZzABe2nTRktX_5V-1fSCskT_F8Q2_YtfGHoz-1PvZmCiR1r8bilHjKcJa9a9F0TmZe8K-OYqYEFRqv3vDGiwRUwbFQGVdqGSxK6gF_jiB3ApMPEWGr7TT1CVhJh1rF8zS2hqJD2XhCy0Pld2HwPV1CnaesRGZ2fx7Q74ztpugXre7vSVA1e6kl3E2T0T_S5S8qGkWDWw9RMXWNuZdY8SA2WB-uE5-y8k86qcwjxbQlbFF7RD9tXvgG0SV-1GdKWm_1odh0x4YxxqA7SgPofgIdzgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09nHD4X8aJH8T_UOc4I4Le-xSfuQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 21:38:16 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221230
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| oncontentvisibilityautostatechange function| addScriptPromise object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| ga object| WallaTargeting object| _sf_async_config object| _cb_shared string| loadDataState function| smartlook function| ym object| __LOADABLE_LOADED_CHUNKS__ object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_tag_manager object| _cbm string| GoogleAnalyticsObject object| gaplugins object| gaGlobal object| gaData object| ptag object| f object| ktag string| path object| z function| desc function| category function| author function| tags function| age function| gender object| permutive function| postscribe object| google_tag_manager_external object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| fbq function| _fbq object| _tfa object| google_conversion_id object| google_custom_params object| google_remarketing_only function| onYouTubeIframeAPIReady object| regeneratorRuntime string| __strip_step__ object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _0xc513 function| _0x548d object| _vadHb object| vadprebid object| vadprebidChunk object| ADAGIO object| __twttrll object| __twttr object| Ya object| yaCounter91804681 function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| PlayerSdk object| WallaPlayerApi object| webpackChunk_smartlook_recorder object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| sas object| apntag object| _ADAGIO object| a function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| sw_consent object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| closure_lm_315289 number| w2gLoaded object| ONFOCUS function| generateHash function| w2gTcf2 function| setRunAdsEvent object| w2g object| pbjsWtg object| conf object| reloadAds object| wtgAllConfigAdunitsReload number| start function| pbjsWtgChunk object| _pbjsWtgGlobals object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| GoogleGcLKhOms object| google_image_requests

150 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _cb
Value: CHinHsClo25v15FC9
.walla.co.il/ Name: _chartbeat2
Value: .1672436285136.1672436285136.1.4yPXoCABxTsCsh_9JBpgbyUB3do2M.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _t_tests
Value: eyIzcklGNk04dmcxOTBBIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEQVVTbXYiXX0sIm11aUlhMkplaE1ZWXciOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJTNlpNSiJdfSwibGlmdF9leHAiOiJtIn0=
.walla.co.il/ Name: _gid
Value: GA1.3.1693097556.1672436285
.walla.co.il/ Name: _gat_UA-249518521-1
Value: 1
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _ym_uid
Value: 1672436286411206565
.walla.co.il/ Name: _ym_d
Value: 1672436286
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3955631848fake
.adnxs.com/ Name: uuid2
Value: 3200286950011710416
.walla.co.il/ Name: _ym_isad
Value: 2
.walla.co.il/ Name: _fbp
Value: fb.2.1672436286259.1677744404
.walla.co.il/ Name: vad-loc-code
Value: de
.mc.yandex.co.il/ Name: sync_cookie_csrf
Value: 1165806118fake
.walla.co.il/ Name: _ga_L30GH6X3WK
Value: GS1.1.1672436285.1.0.1672436286.0.0.0
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1672436285.1.0.1672436286.0.0.0
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 78621975fake
mc.yandex.com/ Name: yabs-sid
Value: 2621511361672436286
.yandex.com/ Name: i
Value: 2OixhVQ6NK/jHC0Lgbr1iiLFVp1oluiTZbZDKO0Jlj6hYwX2R7jc3MEoLv+z+IUrUlyQ8j9fWBXD8VcZpMYUaAOYsf4=
.yandex.com/ Name: yandexuid
Value: 1224195101672436286
.yandex.com/ Name: yuidss
Value: 1224195101672436286
.yandex.com/ Name: ymex
Value: 1703972286.yc.1672436286#1703972286.yrts.1672436286#1703972286.yrtsi.1672436286
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: LCB1DU3S-2-1P78
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB25oJws4GRS314C1LCtWBX9mfsNIvv6Qtrw0zLiRRUt4V77ssWQi5JJuOYdOTdJHhk5p164vmVCVSYbB5SW5XQ37GGGOiqNCvuma+WVcS1g3g==
.walla.co.il/ Name: _ym_visorc
Value: b
.doubleclick.net/ Name: IDE
Value: AHWqTUm11nd2NXU27chZ1ACuMDyZWbIHdjjaBxYTqBFu_pRWzIbxlJkH3EDs0qFRyHc
.walla.co.il/ Name: __gads
Value: ID=0176f1992b1f8560:T=1672436287:S=ALNI_MZZbRm9OcBXKB6atLfJb6N-nL9O7w
.walla.co.il/ Name: __gpi
Value: UID=00000b9af692e851:T=1672436287:RT=1672436287:S=ALNI_MbdjbA2ZTvbdMJCmIqQjFEj-GKGVQ
.lijit.com/ Name: ljt_reader
Value: F55SsGZHXauzJYlqT82YvANk
.ctnsnet.com/ Name: gid_CAESEGYiVvkc-eyjjyJI37wXNjc
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22666A5F03-DF54-4E01-BCF5-2EDD5490E4A2%22%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ads.stickyadstv.com/ Name: UID
Value: bb9fb5a7573c62c95bbe69fa91fcf756
.3lift.com/ Name: tluid
Value: 4174420873034606944661
.360yield.com/ Name: tuuid
Value: 8ec0f249-cb91-4db9-91e2-a12f62f45b16
.360yield.com/ Name: tuuid_lu
Value: 1672436288
.adfarm1.adition.com/ Name: UserID1
Value: 7183059161613924504
.creativecdn.com/ Name: u
Value: mePzQPnS5M0kUWiLFV3a
.creativecdn.com/ Name: ts
Value: 1672436288
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 49D7B69C-5C27-4145-96D0-8B5DD56732B7
.mathtag.com/ Name: uuid
Value: 8e4663af-5a40-4400-a6b6-b7352681f2cc
.mathtag.com/ Name: mt_mop
Value: 4:1672436288
m.exactag.com/ Name: exactag_new_gk
Value: 329a077e5ee14d9da8f78c40a2a2dff2%7c28.02.2023+21%3a38%3a08
m.exactag.com/ Name: exactag_new_uk
Value: 90854148b0dd4701ae23ecbbb4d1449a%7c
m.exactag.com/ Name: session_session
Value: 0fb664c1679b441a9162d92b
.weborama.fr/ Name: AFFICHE_W
Value: Sv@5g-9XkLhK18
.simpli.fi/ Name: suid
Value: 0D80ED343F314F8DAD36DD0E381F8826
.zeotap.com/ Name: zc
Value: e7fca00c-6a75-4f3b-5e05-709670f0297b
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 202859567694457704
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3200286950011710416&KRTB&23339-3200286950011710416
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:8e4663af-5a40-4400-a6b6-b7352681f2cc&KRTB&16736-uid:8e4663af-5a40-4400-a6b6-b7352681f2cc&KRTB&23019-uid:8e4663af-5a40-4400-a6b6-b7352681f2cc&KRTB&23208-uid:8e4663af-5a40-4400-a6b6-b7352681f2cc
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFPKh6mondeefGQ4U1Qpwk4&KRTB&16514-CAESEFPKh6mondeefGQ4U1Qpwk4&KRTB&23025-CAESEFPKh6mondeefGQ4U1Qpwk4&KRTB&23386-CAESEFPKh6mondeefGQ4U1Qpwk4
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-202859567694457704&KRTB&23263-202859567694457704
.de17a.com/ Name: guid
Value: 1.629282677052548305
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-629282677052548305
.amazon-adsystem.com/ Name: ad-id
Value: A6WojJi7cUmKiRv736EovmA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.walla.co.il/ Name: _ga
Value: GA1.3.1852875319.1672436285
.casalemedia.com/ Name: CMID
Value: Y69aQU9woO92CHfmlFe-iAAA
.casalemedia.com/ Name: CMPS
Value: 1153
.casalemedia.com/ Name: CMPRO
Value: 1153
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-590e55ef-10ee-4f2e-838d-6a7dee6107cc-003%22%7D
www.walla.co.il/ Name: _pbjsWtg_userid_consent_data
Value: 6817726487680615
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 517199=5257298
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 7716669635483849316
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1313617845%3B%24ql%3DHigh%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0&c=1&l=-484118455&lo=-1108704272&lt=638080330901848449&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1313617845%3B%24ql%3DHigh%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEwv7S9nQY4AUABSAEKGQjDsIIBEAoYASABKAEwwrS9nQY4AUABSAEQwrS9nQYYAQ..
.openx.net/ Name: i
Value: ec5b91e6-243f-0cdb-193a-352e8a281d1f|1672436290
.criteo.com/ Name: uid
Value: 75038b37-9ffc-411f-afe5-508f7860ab91
.bidswitch.net/ Name: tuuid
Value: 751306bd-d7cb-4065-8aec-cc39e25540bc
.bidswitch.net/ Name: c
Value: 1672436291
.bidswitch.net/ Name: tuuid_lu
Value: 1672436291
.walla.co.il/ Name: cto_bundle
Value: GVO0pF9nWGFSZU9UNlozeGF6ZW9PSUlCU2RoTlhlYlIzZHc2YUlFMG9MMXBCM29QZ0Z0Z2ZwMXM2REtuQUhadG9FUmhsVHJ2cnpDQ054ZHphbzVKSlJvRG5HeUd6RGxGQTlJc21FQVQ1eDdLTkdzVDZPSzlYZVRpTHVZZEtqS2ljS094RjhOcFNDOEhhVnlaSHByUWljVzVDYlElM0QlM0Q
.walla.co.il/ Name: cto_bidid
Value: qz_SDV80UVd1SHlwNXlKNTRJdVpia0NqUlNkeGlaMyUyQkRIU2ZtSVcxN2hwZE9IeGtQcGl3MmIwVzNGYWx3elhVd3E4bzZNUXBhSXZ6VWJmeUdyY1VZJTJCWVFkRm1mcU45N1BURUNueFBZYWlvVjlHRTglM0Q
.quantserve.com/ Name: d
Value: EJABCwH3J_ijAA
.quantserve.com/ Name: mc
Value: 63af5a44-57c50-31d9e-6b58f
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-LFP87S8Bqb83VaroL1CwuCsEpO43Vv--Igbtpp3Q&KRTB&19420-LFP87S8Bqb83VaroL1CwuCsEpO43Vv--Igbtpp3Q&KRTB&22979-LFP87S8Bqb83VaroL1CwuCsEpO43Vv--Igbtpp3Q&KRTB&23403-LFP87S8Bqb83VaroL1CwuCsEpO43Vv--Igbtpp3Q
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7183059161613924504&KRTB&23278-7183059161613924504&KRTB&23369-7183059161613924504
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Hbxt'/O<!A#Eo(3<Syd5yNAiH:-*eQLx`T`bwGUyHWKTf:mWGmEu'E:=DkFTQ1RSu!'+=IlKrkkTRuNya!tNhTp=2Ngpx
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI3MmQ2YmFmMmRiZmNlMzYyY2I4NzYxNTY3ZGIxNTY0NSIsImV4cGlyZXMiOiIyMDIzLTAzLTMwVDIxOjM4OjEyWiJ9fSwiYmlydGhkYXkiOiIyMDIyLTEyLTMwVDIxOjM4OjA4WiJ9
.company-target.com/ Name: tuuid
Value: 469215f7-9f14-4d3f-81e9-017812dc2c0f
.company-target.com/ Name: tuuid_lu
Value: 1672436292
.bidr.io/ Name: bito
Value: AAMzDU7HXrUAAB7WZSQZUQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.onaudience.com/ Name: cookie
Value: f73fe5a2ee26a5fa
.onaudience.com/ Name: done_redirects161
Value: 1
.turn.com/ Name: uid
Value: 3998449658548754806
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y69aRAAIACecsAAF
.scoota.co/ Name: tuuid
Value: 5d0b7c92-8870-4269-baea-2b140d94808f
.scoota.co/ Name: c
Value: 1672436292
.scoota.co/ Name: tuuid_lu
Value: 1672436292
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&61486f9c-5c07-4197-856c-666631722394"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzI0MzYyOTI7MjswMjEhmdwDtlYjUEOOCK8OOdV5P/m3hLeBwYbsvKIxEOwc5A==
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2861:u=1:x=1:i=1672436292:t=1672522692:v=2:sig=AQGRzogF6YBkdqJqo1WQPUVp9hU_d8OE"
.semasio.net/ Name: SEUNCY
Value: CD0CCF7C0086FF8E
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3998449658548754806&KRTB&23150-3998449658548754806
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-61d31c57-cb5f-4171-4f30-180af2fb6b29.WbK6ddNINf%2FdUdJAiSJiLFwemDumPzem3pBPL38%2Fhic
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AYdMcV8tfQXFPMBgK8vtrKVFfBSk.qGxTGTGF9IF70uFrxPSQ3%2FcbF%2FAcnhPzu2hNyB3c%2FpQ
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrI0MTEytjA3sxTiM9R19faMr_IISvTyLM4GAPWq4dklAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrI0MTEytjA3sxTiM9R19faMr_IISvTyLM4GAPWq4dklAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZm5kYmxmZGlkbmYGAFlBMbIQAAAA
.casalemedia.com/ Name: CMTS
Value: 5253
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-YdMcV8tfQXFPMBgK8vtrKVFfBSk&KRTB&23334-YdMcV8tfQXFPMBgK8vtrKVFfBSk&KRTB&23417-YdMcV8tfQXFPMBgK8vtrKVFfBSk&KRTB&23426-YdMcV8tfQXFPMBgK8vtrKVFfBSk
.fiftyt.com/ Name: fifid
Value: ac71c67d-9ea9-4c2a-6fc3-9b6b3fd2ddae
.fiftyt.com/ Name: cs
Value: MTY3MjQzNjI5MnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fMgdtFfjkKnstHYcqZ0DKNvvNsHYpZyukzst_GgabU_O
.yahoo.com/ Name: A3
Value: d=AQABBERar2MCEAKnWqEFvkWDFDSAEp04hZYFEgEBAQGrsGO5YwAAAAAA_eMAAA&S=AQAAAo_cYtq6qGwug3B0yJgTz3o
.fiftyt.com/ Name: fppm
Value: 20221230213812
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zsc
Value: %FE%7Dn%EET%C9h%CF%02%FE%BA%0D%F8%BDR%E6%E8b%FA%2F%9AG+%F0%B1V3%08%3D9%E8%84%B1%A2%B6%96%BBT%9D%08%C4%D8%AA%A0R%19%8A%29k%06%E8%D8%EDH%3F%18%C1%9B%F2Y%CE%BC%3A%FF%2BF%90%9C%7D~%C9%15%A9%03%7Dgi%FD%7FR%7D%3E%A4
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5d9d1f683b63d70f
.creative-serving.com/ Name: tuuid
Value: 9259b876-b36e-4188-8842-7c512836878d
.creative-serving.com/ Name: c
Value: 1672436293
.creative-serving.com/ Name: tuuid_lu
Value: 1672436293
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-751306bd-d7cb-4065-8aec-cc39e25540bc
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2959
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAMzDU7HXrUAAB7WZSQZUQ
.pubmatic.com/ Name: PugT
Value: 1672436293
.audrte.com/ Name: arcki2
Value: hdl8JALcSQiTqWmokDMfw--DQ!20220908!1672436293248!ip#81.95.5.41
.audrte.com/ Name: arcki2_pubmatic
Value: 49D7B69C-5C27-4145-96D0-8B5DD56732B7!20220908!1672436293253
.openx.net/ Name: pd
Value: v2|1672436293|gu
.tidaltv.com/ Name: tidal_ttid
Value: 280c7ac6-8685-493e-b444-02e4272237a5
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjYxtzI0NgMAiG2OQAkAAAA="
.smartadserver.com/ Name: csync
Value: 49:7183059161613924504|96:280c7ac6-8685-493e-b444-02e4272237a5|124:5d3cd8f2-82ae-43af-b12e-67ba2cf5cb2b|127:AAMzDU7HXrUAAB7WZSQZUQ
.adsby.bidtheatre.com/ Name: __kuid
Value: 2a4964c9-f90a-488a-adc7-5bfc82fd4165.441650293
ads.playground.xyz/ Name: connect.sid
Value: s%3A72U93JLnQy3rD0U-w73OFfGyk4caocjn.fzCw4eDRc8fCaEpRUg4oSIZiiLDI08WgGOARHxpLBc8
.spotxchange.com/ Name: audience
Value: 42f66c10-888a-11ed-821d-10a0cca80206
.smilewanted.com/ Name: sw_user_params_infos
Value: NwqNVhieEGHYRDim1TtoV15gPSvEg172v0U8IKihOJHsdtSMw%2FulAxct7qHY26mBdqHA6%2FkTKSAPwdUdPk4rbKGlFqXF530WfpklTqu69obIPdXj62wdCGNSxxKj%2BVbh09NTRsQeHJRRcV%2FiIIYG5gwXn0ISBsdsiYZUnAkrUHBsp9mUs1wwtTvcejldMxx2dxL5%2Fbff%2FZwsyZESZo6uX0uH2WiSEzdG3AgxW3qoZ4JgGpDzl7lT9j6f32I7VivxFNuuhoHPYQJblr%2BK4V3Ec59uT%2BA2VgKrxgJWYbzJv%2FmfGnVDd85VQTDGaZTkkHyChSJ7nCGM1grbwjvgI9onrGVF%2FsQwd%2BFBVi3ZjmXRn%2FQ6HA11eVXnFaSPOB98OfUJ5MBj%2Fbe7GzRoige1HmghCCVRzmtSwy3uHR6cAP%2Fn57p%2FUm%2BXdnU2kptjlyo8%2F7h9raXavtziNCSdOmeoYMRWdhE%2FZtioY%2FRRjPpdi2%2FXfK9eW6weAaTz%2BAnebrHjUgSCFQCGkNQQkKRqBtTGyedrZw%3D%3D
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: pi
Value: 160447:4
.pubmatic.com/ Name: DPSync3
Value: 1673568000%3A219_201_197_226_221_227_245_241_235%7C1672444800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1672963200%3A15_223_2%7C1674950400%3A203%7C1673654400%3A35%7C1673222400%3A63%7C1673568000%3A55_233_204_54_8_22_88_81_251_234_56_166_165_71_176_254_3_7_13_161_99_243_214_21_220_238
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y69aRAAIACecsAAF&KRTB&22978-Y69aRAAIACecsAAF&KRTB&23194-Y69aRAAIACecsAAF&KRTB&23209-Y69aRAAIACecsAAF
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-590e55ef-10ee-4f2e-838d-6a7dee6107cc-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: SPugT
Value: 1672436293
.ctnsnet.com/ Name: cid
Value: 7f0e9f1b795449a4ac3ec7adb62b1c2c
.csync.loopme.me/ Name: viewer_token
Value: b07e9222-4667-4650-8492-3d8b5b0726ee
.tribalfusion.com/ Name: ANON_ID
Value: aLnvJOpkijdDifqAaEseSZdcJjemNM50woONW3E6T0moKJ4WCHMpTTyKtZbIIRNy39Suv4DXHbB7NhJFc4PV0ZaKqCwuKm9srN81jKPZalsdUpO8r5dE79ZbkUDZbc
.onaudience.com/ Name: done_redirects104
Value: 1

13 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-12-30
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9868.MmlSTnim_xh9DcPE7v334E3AgSTNMWuWNO_xYZn8T6WIw3RkqHlxkPASEGCVNSuyBUNjVtgUro_Fegc3P3ZooIheOMdXyiJ0Wo8KOpYrpB8%2C.27Y1bXe0mcMAh4IV_Gt31lJ78X8%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://mc.yandex.co.il/sync_cookie_image_decide?token=9868.Ush0BD8r6plaadzhXyq0Kn1eyZQcpJcUdPask7qttjn9OV3nJeWLNhnpjSk6EyQaCRnQGwHSwiFIM50lEZoaqO1zSjzANBrVH0X5pxHtdiM%2C.S4LXhzbGKSIAKukMuYVspkBefrw%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221230
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
other warning URL: https://c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=49D7B69C-5C27-4145-96D0-8B5DD56732B7&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f73fe5a2ee26a5fa/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7AicPGkHMTYMnVgXnnXUgVMg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.creative-serving.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
adx.adform.net
amg01742-walla-wallanews-ono-2eohr.amagi.tv
ap.lijit.com
aud.pubmatic.com
b1h-euc1.zemanta.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
c4c64fc9dd0f3a62d4cd86ae5cacbac4.safeframe.googlesyndication.com
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.connectad.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.taboola.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cf.dxmcdn.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dal.walla.co.il
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
images.wcdn.co.il
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
khn.crowdad.io
ledger.crowdad.io
lib.wtg-ads.com
loada.exelator.com
m.exactag.com
mab.chartbeat.com
mabping.chartbeat.net
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mc.yandex.co.il
mc.yandex.com
mc.yandex.ru
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
mv.outbrain.com
mwzeom.zeotap.com
odb.outbrain.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr.eu.criteo.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
visitor.fiftyt.com
walla.co.il
waytogrow-d.openx.net
web-sdk.smartlook.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.walla.co.il
x.bidswitch.net
cdn.jsdelivr.net
cm-supply-web.gammaplatform.com
104.18.33.19
104.19.150.54
104.244.42.200
104.96.128.226
104.96.145.246
13.32.27.118
13.32.27.57
141.226.228.48
141.94.171.213
141.95.171.140
142.250.201.194
142.251.208.162
143.204.215.7
146.59.148.16
151.101.130.49
151.101.193.44
159.65.196.12
162.19.138.118
172.64.151.162
172.64.154.237
172.67.10.198
178.250.0.157
178.250.0.163
178.250.2.148
18.195.219.151
18.66.112.124
18.66.171.125
18.66.171.63
185.184.8.90
185.255.84.151
185.29.134.244
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.80
185.64.190.81
185.64.190.87
185.80.39.216
185.86.137.110
185.86.138.124
185.86.139.104
185.86.139.113
185.89.210.212
185.89.211.12
185.94.180.125
193.0.160.128
195.5.165.20
198.148.27.139
198.47.127.18
199.232.18.132
2.18.79.136
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
205.185.216.42
209.54.182.161
213.155.156.167
213.19.147.45
213.227.153.221
216.52.2.19
23.203.124.180
23.203.124.192
23.203.125.156
23.203.125.62
2600:9000:2057:1000:1b:5138:8a40:93a1
2600:9000:206e:7a00:11:da61:a100:93a1
2600:9000:223c:5600:18:1fcd:351:7bc1
2600:9000:2304:da00:4:1c73:c740:93a1
2602:803:c004:200::140
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1957
2606:4700:10::6816:36ce
2606:4700:20::681a:8a9
2606:4700:20::ac43:4673
2606:4700::6812:19ad
2606:4700::6812:372
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:802::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:400d:802::2002
2a00:1450:400d:803::2003
2a00:1450:400d:804::2001
2a00:1450:400d:804::2014
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:808::2001
2a00:1450:400d:808::2002
2a00:1450:400d:808::2006
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2003
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9c
2a02:2638:1::13
2a02:2638:1::17
2a02:2638:1::2d
2a02:2638:1::4
2a02:2638::2
2a02:2638::24
2a02:2638::3
2a02:2638::c
2a02:6b8::1:119
2a02:6ea0:cb00::2
2a02:fa8:8806:12::1370
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::714
2a04:4e42::485
2a05:d018:24:b002:3b6:bc72:6632:d6e8
2a05:d018:d29:3601:4379:fd12:b154:f230
2a06:98c1:3122::
3.122.66.11
3.126.56.137
3.33.220.150
3.64.76.195
3.65.162.40
34.102.253.54
34.111.129.221
34.111.131.239
34.196.115.255
34.200.93.8
34.252.235.208
34.254.143.3
34.95.81.168
34.96.71.22
34.98.64.218
35.158.251.131
35.174.181.179
35.186.193.173
35.190.0.66
35.201.96.126
35.204.158.49
35.214.223.115
37.157.4.29
37.157.6.254
5.161.54.172
51.89.9.252
52.0.191.77
52.16.92.165
52.30.109.223
52.30.188.40
52.44.88.224
52.95.126.138
54.194.227.63
64.202.112.191
64.202.112.95
64.95.96.108
69.173.144.138
69.173.144.165
76.223.111.18
77.243.60.138
8.2.108.194
85.114.159.93
85.14.248.71
98.98.134.241
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00778b7246ce1ad6cbc6085624d78cdeb6c805c67c60113beab05259080b7a25
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111
016e581f41313187d93d34e8aa3f57f75692e5184c4770bea78e75fd0b8342c1
01937047c90246a82d1916150e51461dd70214845e25a5de5c16aa5ac9b1a827
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
07ae4a00b167f3ca5ccec4c5ae8f5110e1838fcd8630f6aa0d5ee9c968c3c83d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08cfa4466b4880a0fef6eab8988adfa8dd96b5f02c34c37c6b9cb4c949c8f68c
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc5a07f71a488044ff4b872409d1cd3939b33f6256407a9aef3337c4d368091
0d0cb5f46134bf184b84eaffbf879473d426be30ec3d96187982e7a1511c2416
0e51e8590f72373158461f5932a1fe9428d8ee46a07c6f8d4f1691b14089f7c2
10fc98318d2b1839f0d1783b5dc616cc96954174df0fd185f49a5a51d6b5e361
1305b2f052d8eaa0fa1e83f15dfbe15cb58cdff54c44a3a24daa273e2e523a75
1323e01e95e85e9077df1d37116b2efe5ce6c41a60de9adf46667dd0f0067dc5
13d679001581a31d2a570f49c96cfceb487011ef418ea4c2f7165dd468004b5e
1505ed2d0f1a7fdc9ed990be2c46892b93816a2e01d9cf1e9a7162fef74c05ee
15e2b73c170377a7a93b8f95a3e06583759c7839db1a1b0a66b418ad0652452b
16b5208af87f4adea7ed400cc1061bbe49a8a2a8dcb1632cf8ce126aad1de3b7
174e5da2bf96133b8ccb4cdf6bd07442285168f7a053825041903171586250ab
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1939b1a114c6d1b00675720092c351ee23bca23bd5625b9a0366083200f1aba5
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
1a42a538d7c0bd4ca66e29e29f1566558e37e005397105384d145237bed7068f
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b5726a0b5bc698eb03d9e2887d1da2f374424ad82e74b82a94613f39dc0b434
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18
1d13410c9b439f7d24cbaf04e174d839bfebc99fe34dfca02729c8ae2ee511e7
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e36da77124c1e4d487d41ed4604cb51a1983e6444f3474ea022370aeabbe00e
1e95073dab42296aed67adf3bc9921b2b3ae8deadf99629d64e46c158f1cff57
20b0c8ca5c8236ce3f780c221a69578a6eff064f86a600eafdc7c79e21041e01
22bc75bd8c902bcdd779c2de79e84c37ced071cb5a388c56267a4aebd282448e
24451e152f79311470db90cb2d79c177653f5f53d7f64dce9bedc7976e1b804e
25a9bce710eaea3d9954f30708b7e92934403fc7bf5e7869fd911fc4febd0185
261212f0afe198339163c027bbff7713059a4f0b781870a45f76bb233f16f8d7
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
27d5ee54e058e0bd04114f7acec7552d8c6dc7e500900562c4fa44ca32b1ad34
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac8150003a3c49d2735c3e68ebde6e820308ff0ee6bf57e38604259a4931eac
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d4b858c0e7906266e5342c077cb13a45cc546c1c678da9ca63a13a0940a7a7e
2da824787b226f8860272dc44169ce7ec8708e7737ed663a211c7a7ce64c426f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1e810edb0b4bd3a5081e1079b1c25a46f917125caaecdd2e047e4c991fee07
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b7fe34672f874c1bdbc1cbfd84735a07aff08c1b0df1df162a281dc22052f7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3334b63647bc4f6e2daa090194bcdd294bbd88202493d17e436d696c3fed6004
34105da8973bdef5f096304c920c976eb20007ca983f322b4d1768d9bba9d1ef
34c5d307a57bf09f3c159a6c129370b8c293ec67847b9e4c99c400ec60d476cb
35dc98d4d5d230542ea1fbbef4e1632155545e01ffbe261346e0254a8620100c
365635ceaa786b70d9d42a90eed7f2ede4b2aca69682a1a358ea934ff69f577d
369ef17b9caa93b0f4776a49da800cf191955a0362dd0b254cd52569790d5d58
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36bb2a0e62a2efd2aba9086c3a1a8f30adc0f1f0698aa965b3fb1f01df8d710e
37fc4e7a3abd23889801a34b63714ec4e84e169551243febaff7cb70b9706f62
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c39e471862a462f063ad13a27d59efd62c405bf5d3a31a6a619423626a05d6d
3cba03c2e7e93f6351c5f47a6e0ce808cf656d33b9aebe39ee1de6a41e2acdca
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41a2e7f274565a710dc4549d45d9eabc1630b13ba312d493f3e1f6eee25ed6ce
41ea67e6a6dc723f1f4d267aeb1ea9283bb4a18190e39c1f59b78ee9a36c4184
42f8e7092564a4074f8b5bd68b59c30f2f1817a7a8ed69b12f124f1adc3df893
43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4539c92f0440d16503e5c262109511ccb8d1972d0a606640829403c4163e2df5
45945e673e9facc8b3292790f069378dc73f3a7d2ee6729d773ae44ddde754ca
45c2a71dac80c6030a1d0f7c9c51b558d7097e1667119d82275c676a73720c1e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4798ef674ebf7b86cd9b8e74691c1332645471f310140ddd24d39fecdc8ce84d
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b64e6a6515b16f8e74e112ee7c7bef32818d4c09a7ce39de9a2bc98b008acb0
4c27a2afdda581624d06861da83a71edaa9e25b23434fce3832d1c0e636cb6d9
4cd76a7d6c3183f770df9dd2359f0b9eba67a228bddec0b94d603b099b35d095
4cf5e50bb60b71d63007bf41fd098082fb9209aad4da33338cf1b89c77408483
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7e243c8e4c50b99a9dd5db1232ffbc2214f0d7f5a4b54fc6640b221a3fad1e
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f9c02f8f2199abde66afc3835db6a47ac2f19e893079c68bb4fa62a1041e120
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
527fd15d33cf3915f7c21e5f9e1b6d85b4727e76a4c8604907d011409aea9fc9
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55358b1fad8a69e954b3a26c9ebc58bc50aa13175f3a2736db6c9c72197cdcf2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
56151712c246c6e20123d2a2279e552e697bef1abc3104e7d4b0d8c8e34fe6ae
56d9f3eb5d8bda8bda15a53737ffea7cf0ab1f0c43f22715e8a0a7a77b236111
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
587887c0af687504409ea21161335adb13832d9e98d977b037f0547e2504a029
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5b7ecc8afee61d43aff1e3d11f54ba4cd303bcd2b366f9511fc4cee1bf885248
5c794d520f6ea3bac6be170207cda9f8f314f056625c58a7dc3a6494d45094d3
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e35aa85514833036e24200de785c47bae867e2d1fc4a2998e876713a650a4a2
5e53b8405de5c1f4ab50df7ff8fb0878b26ef7ef3930a07f8e84769c70bdf86b
5f8987cc45bc5b684562f8a6c034377a17c2a3b18a51b1179eae00e801753cef
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6175aa38a4c7d32272a12b61217f17263e0cec255021400cc41115ce5b25739f
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6294d3079b323e7d32ce2fe7bbd48f2a8c2de2b7a06c09757bb1734c5cf2486c
62deba681f3738ce08e984e027fe45ca07e44c2833a71e52e21f1ba76192d327
63abefac436c3621d520bffba41cf53478cf755a79f6f3c8a6c1a676aabcbf8c
65a91f782149be43f647e511bd59ec877df7ca0a4faef07a07742c0f4c615b0d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e05ed27b09c2db7574b1e8a237a72870d0b1c401ea03c8e35f320f1cd995cf
686e58d5a724aedeaf95623eee27e4f1d115bf2d05b4b668c17066498a695f9a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba6f5e114a6bc23e759052973c8d0c4218da2cf2ef8ce4985a594d251c8cdf9
719cf83680e234cf16ce5c725840d858f8eb36cc755a442c9e9e27edc966e606
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339
75b18148f54ba541195c7292613bb2a228d482099ba946396d295a698c0c4c92
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c8770156df698ff0834eb2a43da057a95bbd23f3b48921622cd70603145d3de
7ebba04d5ca8ae78a79b3c7f229a37c102753633e9ca182fc6158e235594d2a9
7f1e38bf5cb339abf83cf9662a20e03d36b135885896fb3a9ada58a973b15143
7f283ca348f0ccbec94d0a158a6ea51415c85c03c7ea530f59eee2931d0a7201
80e39f89cd5882108c301810672c0b794ebd263ac6be1e9f1c9e8b699a5f8445
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84c9d5ba2ed14bb0f531200c964382af09e36182c0e4f8a780eb7c623930698d
84da8714ed2dc7517b5f011504350ec999762f66d7a4bb7ea5f1a7aaa1226ccb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e99c984ea3938bcecf08a25690aec3913aa070a8f3e858a96d6e15f4bf63a8
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88113b8b66244f416ece6d808a0d3ea6caf148491535adb5ce0e0eb472a846e6
8971281a65a5c8449db58c95a1c50cfc9b4271f431c055aa97854199670a0003
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2641de834e86f18cf8ecb89e8b48e67175560f111958d85f9f02e9fa105ea5
8acea189440ca758096d34efbac6b01b66ba384542706310095096d73cf03b5f
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8f1f8fc00e99e1f05a8b4504c0beed678153b8471a87daec069db40ef14ee5db
9044b6bcd8c3e85d9d3444f20bbcf0944193843f65474ba43ddcfbb6ce2d43fd
90b7fcf7d9b3b6406eb6246d1a5e5d644f5dace02bcaca1f17cfe2ef406d073d
92741173158254e3a07b613eed6a4be3a4dcd80c5a917e8b73b1e5c3af7c7c24
956577cb1cd8ce2329b277b94b84245534c629dfc97e13082c19a6df18a99fe0
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966863ba417f920efc86515e9bd84f68f1de503b9532e904859c9dc095663b91
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96d28c27562409884f9c94ff00b93b7ca975b3c81cbf9640fb2bb43604f60414
98ae9607014f51d14e047c1edc1b0a73c4a6777615ffa1ae75fb8c6113dc9343
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c304344eff955b3da1e3ab3ffc88dea0fe128903e53895978136eb4f431abfb
9d3b426eab31bb93387e03383277a793a0347d1ff89a3a558479f674dc811e24
9da4e0b6e972737986023f23ca71cdc9ba6b296d12bcac8a9bcf2959f8094ea3
9e0cd80e5209cb4cbfaa6c6074f66602faa02a45761cf979d2b6435bdba81111
9e8043dbd1c9027be9c64becf4df031b074c1d771463d5c4dfe2886017d48c0a
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50305d802e4bbbe3be1b7026e18e2ff73193b73177717a6df3b413d16ed4c9f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a853952135a9986c494228957e9fed91fc3f9142ea83588e2c67bc5d253b3579
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
a9573b0acc9a62e26c58b920afdd8f59ca598d212f705d4a7c7a12dc1e2a6043
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
ab0aa272129b8414307f03545286a8afb10195cdd7e095ab1bd686f5044894ce
ac3ec5feaadff6b9971d045b79a2bf36d5a7afd78c0c39a6a340a8cd5175f5e0
acf2c122a9e3226be81f21349493c9809147042db5ad6bf7f480504e18e398ff
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae7d078e18a6ce17c1810177f9573f029353e5f7c19fcb0de5343a5229394358
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af7b837e6ec1f0ca29f0349649e969834dac8aa975e5b99310406122311bbdd2
afc9f2fe752a9c17d879365002804324582c3be6a2d77ec0bb9ba13ad684fc9b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29b9120f977d46a7115243a5f22a644370645add5471ab0a0874c8a919c8ad1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c004ce7fb2b9890ab174767a6d871e8ff7c7061fecb22cb603ce3e3753ed9a62
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24bad101be9ecf42509350febb31dbe8667ba81748ca4bbe715eb14c62bceab
c2a21cbcdb472e8535f6ea7584e83e04d5dd35a34491fe320e5188d883b4ac71
c2eb15e8924d18fcbe6982d873358c311b13f8d66fcca3c448107661975b158e
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c3cb62a20dd9fa5668e7acc5e4833ea943b445fd555b1bd9114e8674c94dbbb8
c3e2c3a1252dbbb47647b91b7492bf3d6c3dc1d4a332ca14616bf8be075f0593
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c4d808228ffe856f77e8855ca493434eccd235377be6310a684b8c111f7a12ea
c5b8c33935eb54f665133731f389751b694cb221fd19e19bca18758034e86ce9
c5d4b9ddd158d28c62174a7a874687e9bf1b0868ec665540914450c5bae728fd
c62fbb30c48617456cfc5496687255dfa8829988b79ef92528521074bd0a7fe1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9aada91f2482454e0d7f999da9846878fd083bd451e4e64aa22fc0280b88987
caa9a0dfa37b1f8d2372bf15a9e3de16c2dfbc5b89f42db4ba2712fae73b6d33
cc2a4914a39f112d7a1ce52344cbbedde56f5b85f326f8c884d0d682e38fa2cb
cc6db8a2f5871b00429dc989456c364f786fa6687f37fbd59c1621321fbae4c8
cd1465a64ad22b6a0c2069541049857411da587cfd61f90108abc61fbff5c311
cd36933aa46bf2d3d5827ab80b13a76988c28eaf3869fd49a2bd9120d7a3c45c
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d2748364a1e1b0431dc18922af57c9e8c517869f522aff14de893b7fcc8328ba
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
d565a9018ec141118e87f5deb7711c7e69568b691ab713b38e148767ecc6debc
d5c457438a1fdf54de5892646cd220d7278e36dd018d620990e7d30f302eaaec
d66322a343479a01affe9882990e519fef1a97fabdfdfdd3f2dd435202bbadb3
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7982fc691697ffa91d23be7e3a2e2c7b6c4fe9e3ba961f9b19f31d1ab9749b8
d7bb86db68c695256979fe754f6f4573e10c1d4ee0c404d4f34e53378fe424fc
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d9108ebdd9d5303463021dda6297c7ce58006830c6e90c7d36e7afb2d5db2168
d9318e754aec692905f8c38714bcf50c879be98649dfba0c8860c9f048968e79
d942218f1bf6e2ffaac8c63bc3e3d729fa187fe22836102fa1c6c4887c3a5e44
d99b90f783bad0cb9b8aff5311c99ae0a93091d1017397e466bf8a939da6377c
da28ea512b7c7e638b7689bd2ebb59cb7c796070f9518119f6d0475c08ac736f
da6a082635c84b9c2ca04a9c1580d3d0ba44b9f01a2e79eb2b426cd1a267198a
da6bff16abf6dd0721d4263242a3c7fbf250fda94478e27cb2fa51b1606bbc56
daa21d896f1bb4d044779b10b38fd7793654c8b214908be7ae812dbff9f083d0
dcaf27e3abe8cd84615affec01b45c70bf93ac85673f6653d3de14dedf0a2f64
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddc20c155e91de9797474a6a31b46f6cdcb6d3be6bb000638556145368949149
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfdc302aa8f35966e2afb75ed50acfa8680586cf04895a1ba96c5d460c3d367c
e022716b0d7786642c493374ce228e043df51434837c25a6e10c30b11aa7c955
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bb2cf7274e042eee9654714e576a659332f0dff4706c19b1f8a0a10c706613
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08
e6e66eb30ad598d16c069e57df468700efc6554e758a6d81e637fae4c8f41e80
e738c53ef449838876fe4764541af72c41a7a77123674f2df73d11872b8e2c87
e85cb7317986158017b6b403246da71023585babda1f7d239e983bdb47ebe5ec
e88d0252b17c67a7272d2ef1c8b13481cd964a903996d7100e019b7dcf2117c5
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e98c04ea06111d883b1c55930474123f6630872bd5bf5cbd5553313c0d1d21b2
ea2a0a80b745b1872b2f7357d9f763c212e53f30edd6f73ea6047e2da573dea6
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ec2771dc89436b6998f17c9927e6ed44a5efb421ed1afed64cfb34c8de2f7854
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ed9a1c0a002eebd39ff310d9a7d166a21448676cc03b5546a5bebfbc762b1742
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe1c403d097fea6efac5e50bcbf1b4bba32b1cdb4e229e0068b2a343b2e8adf
f000048e202ba3ed2a2d49bc09f11e77faa217ac28d71dd8b435f2ef6009cf5e
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517
f2326187be1a34dfc5a7ba09525c635bc3cae4f2d7b0ebdf220106795ea3054a
f3cdee4a8a273005f71b5a571614167b0ff546201b78d0907d9677b3324500ca
f42ec27f2c6d85ac310093af2b83337569831c813eda706f8aa1f481ce5d0573
f48a26731c5bedb73f2c65bc3537c096ee30acd40dc1dbc52ab9dc0c7300c28f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c4506feee7f9d8f1b68d1ce4de55a7696f49c431319cb572fe2e9c0de5a988
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741
f72c11ac8904011bb2f28611a8feee3812ba14cc1234a0ef58d23e0236db4308
fb1e66ace9ae93f5a9d17c18afd3f3d700e2b568c084ffcde29e51f035836901
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382