urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
143.204.215.84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.walla.co.il//
Effective URL: https://www.walla.co.il//
Submission: On June 08 via api from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 12 countries across 73 domains to perform 286 HTTP transactions. The main IP is 143.204.215.84, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 144671.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 143.204.215.84 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.10 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
2 23.35.229.86 16625 (AKAMAI-AS)
7 142.250.186.162 15169 (GOOGLE)
3 2a03:2880:f00... 32934 (FACEBOOK)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 23.35.229.181 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
4 63.34.44.143 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 23.35.228.201 16625 (AKAMAI-AS)
2 18 104.22.68.131 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.156.182.43 16509 (AMAZON-02)
2 213.227.153.220 60781 (LEASEWEB-...)
1 147.75.85.234 54825 (PACKET)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 5 51.89.9.252 16276 (OVH)
2 11 185.33.221.50 29990 (ASN-APPNEX)
1 178.250.2.131 44788 (ASN-CRITE...)
1 185.255.84.150 200271 (IGUANE-)
2 6 34.98.64.218 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.132 54113 (FASTLY)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 70.42.32.127 13789 (INTERNAP-...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 5 185.86.139.106 201081 (SMARTADSE...)
2 2 54.229.131.207 16509 (AMAZON-02)
1 3 69.173.144.139 26667 (RUBICONPR...)
1 3 185.64.190.78 62713 (AS-PUBMATIC)
4 6 23.35.228.247 16625 (AKAMAI-AS)
2 2 185.94.180.126 35220 (SPOTX-AMS)
16 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 5 37.157.4.40 198622 (ADFORM)
2 2 103.229.206.241 30419 (MEDIAMATH...)
13 104.36.113.107 62713 (AS-PUBMATIC)
4 4 213.155.156.182 1299 (TWELVE99 ...)
1 178.250.2.151 44788 (ASN-CRITE...)
13 28 172.217.16.130 15169 (GOOGLE)
2 198.47.127.20 62713 (AS-PUBMATIC)
2 2 141.94.171.216 16276 (OVH)
2 2 52.31.207.136 16509 (AMAZON-02)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 169.50.137.184 36351 (SOFTLAYER)
1 35.71.131.137 16509 (AMAZON-02)
2 3 2620:116:800d... 16509 (AMAZON-02)
29 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.66 15169 (GOOGLE)
4 4 52.29.193.101 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
2 204.237.133.121 62713 (AS-PUBMATIC)
9 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
1 2 193.0.160.128 54312 (ROCKETFUEL)
2 66.155.71.150 13768 (COGECO-PEER1)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 104.92.106.130 16625 (AKAMAI-AS)
1 2 34.240.82.67 16509 (AMAZON-02)
1 178.250.2.148 44788 (ASN-CRITE...)
3 178.250.2.150 44788 (ASN-CRITE...)
2 3 2001:678:cb4:... 56396 (AMOBEE)
2 2 52.29.123.29 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:214... 16509 (AMAZON-02)
9 23.22.169.163 14618 (AMAZON-AES)
1 2 2a02:2638::1c ()
2 178.250.0.157 ()
2 151.101.1.108 ()
1 76.223.111.18 ()
1 1 18.206.27.41 ()
2 2 151.101.194.49 ()
4 4 52.50.170.21 ()
1 1 198.148.27.140 ()
2 2 35.201.96.126 ()
1 104.36.113.68 ()
1 2 77.243.60.138 ()
1 2 107.23.12.102 ()
1 1 51.68.39.188 ()
1 2a05:d018:d29... ()
3 3 18.156.0.31 ()
1 2a02:fa8:8806... ()
1 1 159.65.196.12 ()
1 1 185.33.221.89 ()
1 1 185.183.112.155 ()
286 82
17    143.204.215.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-84.fra53.r.cloudfront.net
www.walla.co.il
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:206f:6200:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
2    23.35.229.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
7    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
ade.googlesyndication.com
3    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:20eb:0:4:1c73:c740:21 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
4    2a00:1450:4001:827::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
4    63.34.44.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-44-143.eu-west-1.compute.amazonaws.com
khn.crowdad.io
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    23.35.228.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
18    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
prebid.smilewanted.com
static.smilewanted.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    35.156.182.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-182-43.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
11    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
1    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
4    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
4    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
5    185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
rtb-csync.smartadserver.com
2    54.229.131.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-131-207.eu-west-1.compute.amazonaws.com
ice.360yield.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    23.35.228.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
16    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
13    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
4    213.155.156.182 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
28    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
2    52.31.207.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-207-136.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
29    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
4    52.29.193.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-193-101.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    204.237.133.121 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
9    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    85.114.159.93 (Sankt Georgen im Schwarzwald, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com
sync.teads.tv
2    34.240.82.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-82-67.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
3    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    52.29.123.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-123-29.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2600:9000:214f:3a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
9    23.22.169.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-169-163.compute-1.amazonaws.com
dt.adsafeprotected.com
2    2a02:2638::1c (None, )

ASN- ()
gum.criteo.com
2    178.250.0.157 (None, )

ASN- ()
mug.criteo.com
2    151.101.1.108 (None, )

ASN- ()
acdn.adnxs.com
1    76.223.111.18 (None, )

ASN- ()
eb2.3lift.com
1    18.206.27.41 (None, )

ASN- ()
sync.srv.stackadapt.com
2    151.101.194.49 (None, )

ASN- ()
sync-tm.everesttech.net
4    52.50.170.21 (None, )

ASN- ()
match.prod.bidr.io
1    198.148.27.140 (None, )

ASN- ()
bh.contextweb.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    104.36.113.68 (None, )

ASN- ()
aud.pubmatic.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
2    107.23.12.102 (None, )

ASN- ()
a.audrte.com
1    51.68.39.188 (None, )

ASN- ()
dsp.nrich.ai
1    2a05:d018:d29:3601:6b88:e1e2:688e:aa3b (None, )

ASN- ()
pr-bh.ybp.yahoo.com
3    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
1    2a02:fa8:8806:12::1400 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    185.33.221.89 (None, )

ASN- ()
secure.adnxs.com
1    185.183.112.155 (None, )

ASN- ()
sync.adotmob.com
Apex Domain
Subdomains		 Transfer
44 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 199
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 277
254 KB
32 googlesyndication.com
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
ade.googlesyndication.com
149 KB
29 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 258
2 MB
25 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 444
hbopenbid.pubmatic.com Failed
image6.pubmatic.com — Cisco Umbrella Rank: 585
simage2.pubmatic.com — Cisco Umbrella Rank: 582
image2.pubmatic.com — Cisco Umbrella Rank: 828
image4.pubmatic.com — Cisco Umbrella Rank: 812
simage4.pubmatic.com — Cisco Umbrella Rank: 1149
aud.pubmatic.com
119 KB
18 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 3989
prebid.smilewanted.com — Cisco Umbrella Rank: 5869
static.smilewanted.com — Cisco Umbrella Rank: 11494
35 KB
17 walla.co.il
www.walla.co.il — Cisco Umbrella Rank: 144671
681 KB
14 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 776
static.adsafeprotected.com — Cisco Umbrella Rank: 552
dt.adsafeprotected.com — Cisco Umbrella Rank: 485
97 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 225
acdn.adnxs.com
secure.adnxs.com
50 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 586
csm.eu.criteo.net — Cisco Umbrella Rank: 7705
143 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 718
dis.criteo.com — Cisco Umbrella Rank: 692
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14575
ads.eu.criteo.com — Cisco Umbrella Rank: 7717
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9779
gum.criteo.com
mug.criteo.com
21 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 725
rtb.openx.net — Cisco Umbrella Rank: 1495
us-u.openx.net — Cisco Umbrella Rank: 360
1 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 527
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
5 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 79
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
3 KB
5 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1463
rtb-csync.smartadserver.com
997 B
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 750
1 KB
4 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
1 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 276
3 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5167
1 KB
4 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4437
sync-eu.connectad.io — Cisco Umbrella Rank: 2999
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 92
528 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6180
adservice.google.de — Cisco Umbrella Rank: 8654
1 KB
4 crowdad.io
khn.crowdad.io — Cisco Umbrella Rank: 87130
209 B
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 75753
122 B
4 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1213
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2604
odb.outbrain.com — Cisco Umbrella Rank: 1361
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5311
71 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 746
r.turn.com — Cisco Umbrella Rank: 2685
1 KB
3 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 430
cms.quantserve.com — Cisco Umbrella Rank: 975
1 KB
3 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1762
mwzeom.zeotap.com — Cisco Umbrella Rank: 1318
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
128 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 317
457 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2167
mp.4dex.io — Cisco Umbrella Rank: 3086
24 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
201 KB
2 audrte.com
a.audrte.com
4 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
625 B
2 everesttech.net
sync-tm.everesttech.net
745 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 852
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 930
344 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1550
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 592
382 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 716
a.rfihub.com — Cisco Umbrella Rank: 2750
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 707
616 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3333
949 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 426
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 495
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1742
644 B
2 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 30933
296 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com
711 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 43
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
137 KB
1 adotmob.com
sync.adotmob.com
695 B
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 nrich.ai
dsp.nrich.ai
482 B
1 contextweb.com
bh.contextweb.com
497 B
1 stackadapt.com
sync.srv.stackadapt.com
615 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 215
34 KB
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 38367
610 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
265 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 806
610 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4524
886 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1207
443 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 427
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 122
17 KB
1 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4079
464 B
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
5 KB
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2145
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 76274
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 101988
253 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1294
37 KB
0 advertising.com Failed
sync.adaptv.advertising.com Failed
0 loopme.me Failed
csync.loopme.me Failed
286 73
Domain Requested by
29 s0.2mdn.net www.walla.co.il
s0.2mdn.net
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
28 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
www.walla.co.il
17 www.walla.co.il www.walla.co.il
16 pagead2.googlesyndication.com 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.walla.co.il
www.googletagservices.com
14 csync.smilewanted.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
11 tpc.googlesyndication.com 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 ib.adnxs.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
googleads.g.doubleclick.net
acdn.adnxs.com
9 dt.adsafeprotected.com 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
www.walla.co.il
9 static.criteo.net cdn.valuad.cloud
static.criteo.net
ads.eu.criteo.com
8 simage2.pubmatic.com ads.pubmatic.com
6 securepubads.g.doubleclick.net www.walla.co.il
securepubads.g.doubleclick.net
5 image2.pubmatic.com ads.pubmatic.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 onetag-sys.com 2 redirects cdn.valuad.cloud
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
5 googleads.g.doubleclick.net www.googleadservices.com
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
www.walla.co.il
4 match.prod.bidr.io 4 redirects
4 x.bidswitch.net 4 redirects
4 googleads4.g.doubleclick.net www.walla.co.il
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 d5p.de17a.com 4 redirects
4 sync.smartadserver.com 2 redirects csync.smilewanted.com
4 www.facebook.com www.walla.co.il
4 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 u.openx.net 2 redirects cdn.valuad.cloud
4 ads.pubmatic.com cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
4 www.google.com www.walla.co.il
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
4 khn.crowdad.io d2r08ja41ypc0t.cloudfront.net
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
3 ups.analytics.yahoo.com 3 redirects
3 static.adsafeprotected.com fw.adsafeprotected.com
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 www.googletagservices.com 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 pixel.rubiconproject.com 1 redirects csync.smilewanted.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 acdn.adnxs.com cdn.valuad.cloud
2 mug.criteo.com www.walla.co.il
2 gum.criteo.com 1 redirects
2 pm.w55c.net 2 redirects
2 ad.turn.com 2 redirects
2 fw.adsafeprotected.com 1 redirects www.walla.co.il
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 dsp.adfarm1.adition.com 2 redirects
2 pixel-sync.sitescout.com 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
2 simage4.pubmatic.com ads.pubmatic.com
2 cms.quantserve.com 1 redirects 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 sync.crwdcntrl.net 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 ice.360yield.com 2 redirects
2 sync-eu.connectad.io cdn.connectad.io
2 cdn.connectad.io csync.smilewanted.com
2 static.smilewanted.com csync.smilewanted.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 prebid.smilewanted.com cdn.valuad.cloud
2 b1h-euc1.zemanta.com cdn.valuad.cloud
www.walla.co.il
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 www.google.de www.walla.co.il
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.walla.co.il
1 ade.googlesyndication.com www.walla.co.il
1 sync.adotmob.com 1 redirects
1 secure.adnxs.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 dsp.nrich.ai 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 eb2.3lift.com cdn.valuad.cloud
1 cdnjs.cloudflare.com s0.2mdn.net
1 gcm.ctnsnet.com 1 redirects
1 r.turn.com 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 a.rfihub.com 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
1 p.rfihub.com 1 redirects
1 ads.eu.criteo.com 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com www.walla.co.il
1 rtb.openx.net 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
1 pixel.quantserve.com 1 redirects
1 match.adsrvr.org ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 prebid.a-mo.net cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 widget-pixels.outbrain.com www.walla.co.il
1 tcheck.outbrainimg.com widgets.outbrain.com
1 d2r08ja41ypc0t.cloudfront.net cf.dxmcdn.com
1 cdn.permutive.com cf.dxmcdn.com
1 widgets.outbrain.com www.walla.co.il
1 cf.dxmcdn.com www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
1 www.googleoptimize.com www.walla.co.il
0 sync.adaptv.advertising.com Failed 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
0 csync.loopme.me Failed csync.smilewanted.com
0 hbopenbid.pubmatic.com Failed cdn.valuad.cloud
286 117
Subject Issuer Validity Valid
*.walla.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
valuad.cloud
E1		 2022-06-02 -
2022-08-31		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-18 -
2022-06-16		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
crowdad.io
Amazon		 2021-10-28 -
2022-11-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-18 -
2022-07-17		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
*.a-mo.net
R3		 2022-05-05 -
2022-08-03		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-18 -
2022-08-13		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-22 -
2022-08-24		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-10 -
2022-07-04		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.walla.co.il//
Frame ID: 1D0ACAE9C1E52C34DC6E2AEA5082424E
Requests: 79 HTTP requests in this frame

Frame: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C251A8BA00C73E6FDDB71033A3927647
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 5561E729B266E150784CB1413F693266
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
Frame ID: 30302E2B1B4BFD5C5D64C70C80855EC1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: D04E50197579DC284D8C3722E7CB4989
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 07BBBC74290C5FD01BA347E273766D53
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 12AB15D88B6D625B474434855202016E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/2e407d95-b042-498e-915c-3ece56d4e3e5&partner_id=1010
Frame ID: E75A348D7D805235E7B842A61C8E01FC
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 0A7E4D69376203523814CD09F5AD4DB6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: A695282A5A465AEAD14E7389EC085CBA
Requests: 13 HTTP requests in this frame

Frame: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 874ECB9D1DF37D906687C355B416BBAD
Requests: 16 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YqDNd2bNmQPTLTA275UsIAAA%261112
Frame ID: 311E318589AA689DB5566B2C46B807C0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/9b1b6bd8-e747-11ec-a2a4-10ffbde80106
Frame ID: CAF57CB8203E0AB2AC176BA12525898A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYjZ7vyAEwAQ&v=APEucNVUMf5APKFBRpCWCkuVRIh_tpD2pJrePpdMUp2sGhq5vfTEECdnUsMIxDXJv8femBgNdM4DKl6zBMuyUEe0UWJBIA1pE9nxc9GyM2Cr7EBRekGqS70gxWNmu_i2Em3r_C-mId-F6LepE2b12DhgCT70BWcbTcVYnh56HWjpINN3nGAe5nU
Frame ID: B52A4DC22CA744C909403FE85E5B9D4D
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
Frame ID: D43200EE4E7FDD965B672E95358ECFAA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d8262a0-cd78-4100-b836-b8e0c0b2c6a0&gdpr=0&gdpr_consent=
Frame ID: 2A6C0D23349C2C91085F49AEE356231F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4198648938245447801
Frame ID: 4AC75DCC21AB179C25D0624EF4023D8C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 10C3F0BCE7B64623ABD1ACED8EDACECB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
Frame ID: 96931E57F26EDA82DA4363992CD5E0FC
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Frame ID: 4F9808649FE675F42AF92F258D98CCC6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F1D68620379B5D163BB80D45B5154D5F
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 488D1B6E319A4DD3C231C72B00A79F2D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8246653690116657327/C3_DE_CUSTOM_970x250_HTML_012450_R2_IQCUSTOM/index.html
Frame ID: 36BEFDA395739E8B1AF790458C7EC30A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0F17F19190E622939A4BA33ED4FB6805
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C017FC26D3FF8EA7F8FBD7224B4A25B3
Requests: 1 HTTP requests in this frame

Frame: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0E922BF5D09C0199EF7E12970B494F5A
Requests: 9 HTTP requests in this frame

Frame: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D89398F15F19B475A02D76863B556724
Requests: 27 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 537847F3CBB27CA0173D581B4DC35C62
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB3D950E6DF3325768ABFA085995041F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNW3uLFds7zJBm4APGmgWkcxXBemLD6SLFyrLKHd_PfDx2mYhvtp0qxukivEiXQaSKHR69FXzS9-AElD9O3k_27dE6t3HQ4AivSwAnjqPfZ-wIH4Ro38PkCPoDU9d9SQs6TvOyXubGYauP4o5HdSLIJzrLvJHj3-eQBJa2i8vKVJlMdTQ4I
Frame ID: D5540052B212455C5103C82E2F6F361B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D66085B5E72CE8B0A26A21213D2C5ABB
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5312082482335462639/index.html
Frame ID: C8FB134C49EACE9EDB4C089944F8C662
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C67FFA65C15F3AB4CC340829A61831FB
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: F97B33965118D19C09361B7BF41BBE0A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 4C031ABD3FE3A2973BE5675741D7EB4F
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A054EE6F812785C1B206146A929A5F55
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 48838A3D74FA1D7A2CDEF3FA6D5CC1A1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 2052B144F590D44D228DEB2DFD194635
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 983153AC86A7FA4481CA4BBA4B9FE105
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C06DEB625ED2F143F4BF449B1BB0B82F
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1654705526538
Frame ID: 7E1AC119B9F9FC172532AD571B5F9AAA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7106906131594016919
Frame ID: E6DF210617236966005B8DA4FE40F83C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=v1JBwhKgT5lNAEV6djSCosEbDgo
Frame ID: EA87553D4EE55190F45DF015A8D5E596
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqDNfAAHbIM4gQAo&gdpr=0&gdpr_consent=&_test=YqDNfAAHbIM4gQAo
Frame ID: B862473716AA4D6A13EBCCA5CAD819AA
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHTE07FQZsAAHg-jtyFkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 875D9DCCB382A28F94BDF7258A27679B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: A44B387513DF4E8774A1ABC8ED10D1DD
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
Frame ID: 4BA806F8EC53C828C465F3FD971E357E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 4F8D32E2504E7EAEA9D8FC624CA31CF5
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 9FF06400C70AB05ECD80BD8E2BB5393F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 7F03E568913F02E10B11DC656DE5334B
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 984DDFB274175AE1088E8490EFD7904F
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Frame ID: 44B1621EFC54090803A05D1046003912
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-0hsxoERE2uF62DuRrcN0..u.E7RRO4sq_QneqUI-~A&gdpr=0&gdpr_consent=
Frame ID: 9A3967A1D792CB442E22F10376A561CF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/0a30a057-96a0-431d-abd9-f6d9abaad56e
Frame ID: 986F154628CCA974C3251467BBA466F5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/2439243591662352484
Frame ID: 920517A69C6AE48F5860752BBAF2DAEB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adotmob/07c022040015775680dc07a5&gdpr=0&gdprConsent=
Frame ID: 26B39914A5092077018D83EC27EF8C1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

286
Requests

86 %
HTTPS

34 %
IPv6

73
Domains

117
Subdomains

82
IPs

12
Countries

4244 kB
Transfer

9774 kB
Size

66
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
Request Chain 74
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 76
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/2e407d95-b042-498e-915c-3ece56d4e3e5&partner_id=1010
Request Chain 81
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YqDNd2bNmQPTLTA275UsIAAA%261112
Request Chain 82
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=9b1b6c21-e747-11ec-a2a4-10ffbde80106 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/9b1b6bd8-e747-11ec-a2a4-10ffbde80106
Request Chain 90
  • https://c1.adform.net/serving/cookie/match?party=14&cid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
Request Chain 91
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d8262a0-cd78-4100-b836-b8e0c0b2c6a0&gdpr=0&gdpr_consent=
Request Chain 92
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4198648938245447801
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Ul2Pw2KRcym1lGpXk2tMA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 96
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=815062a0-cd77-4800-a401-06367fd3c62b
Request Chain 97
  • https://pixel.onaudience.com/?partner=214&mapped=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7b66c67c989df1e3/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=7b66c67c989df1e3/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=7b66c67c989df1e3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d21dbb-bdaa-47ca-66e6-a08ede132bde&reqId=264a7a3c-fdca-47c7-58d8-40f0c87528a9&zcluid=7b66c67c989df1e3&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENGB2mfAdH3Sp8BjvCPL4iY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d21dbb-bdaa-47ca-66e6-a08ede132bde&reqId=264a7a3c-fdca-47c7-58d8-40f0c87528a9&zcluid=7b66c67c989df1e3&zdid=1332
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUQ0OTc2M0YtMEQ4QS00NUNDLUE2RDYtNTFBOTVFNERBRDMw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG8510EWteigMHALW8nO0Kg&google_cver=1
Request Chain 102
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1681303317823180167
Request Chain 103
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2439243591662352484&gdpr=0&gdpr_consent=
Request Chain 104
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=86FTQab3BUboowFDofAfQfWgU0XoqldC96AhAHhG
Request Chain 105
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTvz9t2Taun7J2VxEks_JA&google_cver=1
Request Chain 106
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqDNd2bNmQPTLTA275UsIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTvz9t2Taun7J2VxEks_JA&google_cver=1
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENMKgL8DABZ1tE7O9rDVUj0&google_cver=1
Request Chain 108
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzOTI0MzU5MTY2MjM1MjQ4NA%3D%3D
Request Chain 121
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAWJcTo5j3JmzKFmsLWiE5I&google_cver=1&google_push=AYg5qPIak4f6YkxQmBTXSgbwbqYvS5vqC5uqCtmWLy3Hc13vUDLS4dBp8uCAFmlLOWyqnBPropSsWCXZm5ZqtOfrDQQH3vd4d64hRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIak4f6YkxQmBTXSgbwbqYvS5vqC5uqCtmWLy3Hc13vUDLS4dBp8uCAFmlLOWyqnBPropSsWCXZm5ZqtOfrDQQH3vd4d64hRw&google_hm=0TFkqecptH6tUotdO9eknQ
Request Chain 122
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBCR9_r3_bOWEvLL47l5xes&google_cver=1&google_push=AYg5qPLO84x8lQpX5G8yo33hNtt0XhJRxHp5oVbfLycCGu1wOBQ8hZfbPQB4F7mVtplneFa0kKPqDZIu3DQr-rVJ_krpkFJg3s2KEA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBCR9_r3_bOWEvLL47l5xes&google_cver=1&google_push=AYg5qPLO84x8lQpX5G8yo33hNtt0XhJRxHp5oVbfLycCGu1wOBQ8hZfbPQB4F7mVtplneFa0kKPqDZIu3DQr-rVJ_krpkFJg3s2KEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLO84x8lQpX5G8yo33hNtt0XhJRxHp5oVbfLycCGu1wOBQ8hZfbPQB4F7mVtplneFa0kKPqDZIu3DQr-rVJ_krpkFJg3s2KEA&google_hm=mZCYqfGyTQmgP00Y2Sm7-A==
Request Chain 124
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIHtTmBIZoGx3z_Q_YsH_zw&google_cver=1&google_push=AYg5qPL8kyDy58A8bwIXGEajR9zNUfOYy3c0PbinR0F4nGdelDV1Um1vRhV_NGiRAnHu1VQ-C0ck0o22Rt2Kk0TadKzg6h9KnA1ilw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL8kyDy58A8bwIXGEajR9zNUfOYy3c0PbinR0F4nGdelDV1Um1vRhV_NGiRAnHu1VQ-C0ck0o22Rt2Kk0TadKzg6h9KnA1ilw
Request Chain 126
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPPbz5PN8klGAk885dagQ9U&google_cver=1&google_push=AYg5qPL2fom89ujkcfLvhR8ncF9feT20u8BhCz2Dce_4Sc-tyfPAF0mtGnXYVL-kZZ9tQtTlUd-iSv5oxZT-76G9LiN8pZ2fRuJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Ul2Pw2KRcym1lGpXk2tMA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL2fom89ujkcfLvhR8ncF9feT20u8BhCz2Dce_4Sc-tyfPAF0mtGnXYVL-kZZ9tQtTlUd-iSv5oxZT-76G9LiN8pZ2fRuJ4
Request Chain 127
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC94Ig94OKw5Bsgl8VAxABc&google_cver=1&google_push=AYg5qPJv7RfEmbKnzrnFcaNQEmAgqHZruvNYQwKzAbUITk3ANl4ELwHFvTOhE0lyYAB-gnkUHuutrRuswcHWFSrj5AjEvfiDt0bv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ1U1k0NVktVi1VR1g=&google_push=AYg5qPJv7RfEmbKnzrnFcaNQEmAgqHZruvNYQwKzAbUITk3ANl4ELwHFvTOhE0lyYAB-gnkUHuutrRuswcHWFSrj5AjEvfiDt0bv
Request Chain 164
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEO9UTGUO4x7Z9d9T7LKhRwE&google_cver=1&google_push=AYg5qPIRyWRKvdLziTW7thfice7UQT1qc272XUMOzpYsFpCW0hxbp88HMi1BLr6EWeYKCIZzDYZNfYT4x4RXiduuy5u8TvMOGz5CYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIRyWRKvdLziTW7thfice7UQT1qc272XUMOzpYsFpCW0hxbp88HMi1BLr6EWeYKCIZzDYZNfYT4x4RXiduuy5u8TvMOGz5CYQ&google_hm=NDAwNjk1Njc0NDc3MjA3MTAwOQ== HTTP 302
  • https://a.rfihub.com/cm?pub=445&google_error=5
Request Chain 166
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDV3Otpm1-mmJNGkU51xfj4&google_cver=1&google_push=AYg5qPIt292StbWv87Z7I2NYdNApELNADcqTkfF3n2eHwIbq-YrQCEXjmvI7g38sWoCgUs5d-HGIDKE7KfmbS8apD3CK0gXMlcpgcA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwNjkwNjEzMTU5NDAxNjkxOQ%3D%3D&google_push=AYg5qPIt292StbWv87Z7I2NYdNApELNADcqTkfF3n2eHwIbq-YrQCEXjmvI7g38sWoCgUs5d-HGIDKE7KfmbS8apD3CK0gXMlcpgcA
Request Chain 168
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIHtTmBIZoGx3z_Q_YsH_zw&google_cver=1&google_push=AYg5qPL78-2j11Mt0C10j0Su_YV8AVZgcij3oJAk6Ib6wGMnbMz7bZq4_UCvEAYFHwMi6IgUoy-8tctmoZKrAsx-aJU9MhJ_HPAumQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL78-2j11Mt0C10j0Su_YV8AVZgcij3oJAk6Ib6wGMnbMz7bZq4_UCvEAYFHwMi6IgUoy-8tctmoZKrAsx-aJU9MhJ_HPAumQ
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP80MhAAxxWbGMb2SQ8XJGI&google_cver=1
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFWO3HTfYMrvZSKsTRsAGkQ&google_cver=1
Request Chain 194
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAgRiagbVJxwIezMW6PUyxU&google_cver=1&google_push=AYg5qPKvukU2bi8NqSBBw3YS_bke_1bxqz9nEdlkN_DkQ0ISudx63EbTcGvc7isyaSNIe44sqJ9E6UDgqNRZroWR_X1-3lFUODU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI5MDYyOTczNDM5MzU1NTQ2OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAgRiagbVJxwIezMW6PUyxU&google_cver=1
Request Chain 195
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAASOsoRuu6n3YhRk6D0Shs&google_cver=1&google_push=AYg5qPLEiLE8samWvQNz2dtobKeVb9oxazf6SFiwJWPEiXVYT80TAzUFzs3VzvrUw2OEwNXWO0xdle8s9FCruLAT11XkCnnlIC86 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAASOsoRuu6n3YhRk6D0Shs&google_cver=1&google_push=AYg5qPLEiLE8samWvQNz2dtobKeVb9oxazf6SFiwJWPEiXVYT80TAzUFzs3VzvrUw2OEwNXWO0xdle8s9FCruLAT11XkCnnlIC86 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXZKY1hHSU4xTllZdVM1&google_gid=CAESEAASOsoRuu6n3YhRk6D0Shs&google_cver=1&google_push=AYg5qPLEiLE8samWvQNz2dtobKeVb9oxazf6SFiwJWPEiXVYT80TAzUFzs3VzvrUw2OEwNXWO0xdle8s9FCruLAT11XkCnnlIC86
Request Chain 197
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEB-KXyZ6rl9OYY0Acl8iNBI&google_cver=1&google_push=AYg5qPKvLWt7DiawiLwQeXy0v6fABndEqut5aO1zZVcjlhJyH4_BO6bYd_AV3NDQZVyQDTNuk19GHLcdaNpI0Je-5LD-HJrznbSm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKvLWt7DiawiLwQeXy0v6fABndEqut5aO1zZVcjlhJyH4_BO6bYd_AV3NDQZVyQDTNuk19GHLcdaNpI0Je-5LD-HJrznbSm&google_hm=Y5dCvx4GQPOhluCWYIOOugo
Request Chain 198
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK5JsnCOP5rfBPNV8Aj7quA&google_cver=1&google_push=AYg5qPKXy4yQK-k8GsskUODX6B1JLsas5gF6lAPPIrOdHjm2NQZ-mpPEML1DUBaaiFHJSzTRRTHUOZuI1K7dbr8oZmcnZFL61mTS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY4MTMwMzMxNzgyMzE4MDE2Nw&google_push=AYg5qPKXy4yQK-k8GsskUODX6B1JLsas5gF6lAPPIrOdHjm2NQZ-mpPEML1DUBaaiFHJSzTRRTHUOZuI1K7dbr8oZmcnZFL61mTS
Request Chain 199
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECw8I5X66NCLBET_SiNSidw&google_cver=1&google_push=AYg5qPK0y9IITHjLKIFUCodf6nCa9O71srx1XlSUU24quzekIlez2rDtHae99uRTrZsiBRmZXTlv3wsqI4WapmsZgKyvsSaiYMY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPK0y9IITHjLKIFUCodf6nCa9O71srx1XlSUU24quzekIlez2rDtHae99uRTrZsiBRmZXTlv3wsqI4WapmsZgKyvsSaiYMY
Request Chain 200
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECw8I5X66NCLBET_SiNSidw&google_cver=1&google_push=AYg5qPK9DmGL87ub8HAFPhpYWp_kH4cgmMsbhPUaGtSBzpedSyiDFLOJpLOSrdPunt-fsQlLrQzV1V8n8ZPDZAbIepy7zjvAEqOQjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPK9DmGL87ub8HAFPhpYWp_kH4cgmMsbhPUaGtSBzpedSyiDFLOJpLOSrdPunt-fsQlLrQzV1V8n8ZPDZAbIepy7zjvAEqOQjA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 228
  • https://fw.adsafeprotected.com/rfw/st/996673/61756196/skeleton.js?adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:60e67643-0deb-bfaf-be92-dc51157cc045,c:eXR9dV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-bb5c65d56-2ggbr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:149,fm:t8btLXj+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f*.996673-61756196%7C1f1%7C1f2%7C1f3%7C1f41,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:170,oid:9cc9121c-e747-11ec-a3d2-3ee1bcb5119e,v:19.8.316,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 242
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ywvj1XxqSjQ2bUU5cU9BWjNNZ2d0VE5zdjJ5WGJmQ29Ja2psYVR5M2RQYThkYklwbXNZWkVzVFJWY0Q3WlEyRTA5Rjc2bll3WlFhcEZYdmFCNW5MRVV4bjZzbytlMTl1UkJkSmRRR1d1bG9BZVRrcG1ZM1RiQ3lRMlZycm9Db0xRa2FrZzNPVTJKWllqOVdGdk9YWm04cFlZMUhsTHR4TElRMG9kY2hLeExNakpWWkNGTFg1eEhmZkpxQmI4NUZjYXFLQmpWQ3ErZG5qU0s4VWthbS8vSVc1WGszN1VXSVAwS1JIRThBVEROL3d4aDVFeC9zaldiUk9RdnROeUJHU0hrNWEzfA&cppv=2
Request Chain 257
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7106906131594016919
Request Chain 258
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=v1JBwhKgT5lNAEV6djSCosEbDgo
Request Chain 259
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YqDNfAAHbIM4gQAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqDNfAAHbIM4gQAo&gdpr=0&gdpr_consent=&_test=YqDNfAAHbIM4gQAo
Request Chain 260
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIVEUwN0ZRWnNBQUhnLWp0eUZrZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHTE07FQZsAAHg-jtyFkg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAHTE07FQZsAAHg-jtyFkg&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHTE07FQZsAAHg-jtyFkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 261
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&addseg=19,36,42
Request Chain 262
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 264
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30 HTTP 302
  • https://a.audrte.com/p
Request Chain 265
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=999098a9-f1b2-4d09-a03f-4d18d929bbf8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=84e88f0f-8839-40d5-b529-1ce6bc8694cd&expires=1&user_group=5&ssp=pubmatic&bsw_param=999098a9-f1b2-4d09-a03f-4d18d929bbf8 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=999098a9-f1b2-4d09-a03f-4d18d929bbf8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 267
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bjVDvklE2uVv7Vmo_1I1Cm30NyVVKAM-~A&gdpr=0&gdpr_consent=
Request Chain 268
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8290629734393555469&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 270
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a1644f61-eacd-4795-9e09-a6d85ad042f8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 272
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
Request Chain 274
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 278
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-0hsxoERE2uF62DuRrcN0..u.E7RRO4sq_QneqUI-~A&gdpr=0&gdpr_consent=
Request Chain 279
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/0a30a057-96a0-431d-abd9-f6d9abaad56e
Request Chain 280
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/2439243591662352484
Request Chain 281
  • https://sync.adotmob.com/cookie/smilewanted?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadotmob%2F{amob_user_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adotmob/07c022040015775680dc07a5&gdpr=0&gdprConsent=

286 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il// 		99 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0a059755408a9dcc9de9511b7521050cfb3aaf2bbb2f12766ddf6aed68816ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 08 Jun 2022 16:25:25 GMT
etag
W/"18cb2-0IHsFM+HUHfuF31KOJMPZ67gpjM"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-id
6Y0V_b_DCT14rz8_DdCwja4vtRj5OrqPaP65FTOZyyZ_CT62g9eUzw==
x-amz-cf-pop
FRA53-C1
x-cache
Error from cloudfront
logo_new.svg
www.walla.co.il/public/assets/logo/ 		1 KB
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/logo/logo_new.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:26 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15959
etag
W/"4bf-181432076d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
PNQ9AiyC-pWUhT83-Sv4DKA95PgycrZ6_BLjJDBPK_UNeVqKEueVlA==
x-cached
MISS
yad2.png
www.walla.co.il/public/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/yad2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15961
etag
W/"488-181432076d0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1160
x-cached
MISS
x-amz-cf-id
mCQxXwc6-NRozPf-xxAMjcdu0QCzXskNuuzcBByrCVTHklFekDEd5g==
vod.png
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/vod.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:26 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15959
etag
W/"4a6-181432076d0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1190
x-cached
MISS
x-amz-cf-id
lvkHsyjjeS6aNf_1NhFgBhCznQux3TWgcNxryp0fCncJELQ8fisiCA==
new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 		636 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15961
etag
W/"27c-181432076d0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
636
x-cached
MISS
x-amz-cf-id
nR2Z4YjiCSGEloUJtUMi_maM971O9Xdi4czrRjJOJkVwQbgMiudtxw==
optimize.js
www.googleoptimize.com/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-MKKBK36
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3cb78f36f2b221e83313ab6b1318f51798960411357532a130a195d30eb8a954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37740
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 16:06:37 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Jun 2022 16:25:25 GMT
110_76e185cddd309d5493fa_76e185cddd309d5493fa_walla.js
www.walla.co.il/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/110_76e185cddd309d5493fa_76e185cddd309d5493fa_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
23f3afb8e9c77433e153edd5521fdc27e7bf8651eed58774e1814cea437a51fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:23 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 11:45:56 GMT
server
openresty/1.15.8.1
age
15962
etag
W/"2b34-1814322b120"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
_sbGCzMSQeaTIHUl6Ek1nCUenz94lyvaoJNalcWh3iz97NqbjGZIfQ==
x-cached
MISS
128_6a4cd6fdf6df5404e7a5_6a4cd6fdf6df5404e7a5_walla.js
www.walla.co.il/public/ 		307 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/128_6a4cd6fdf6df5404e7a5_6a4cd6fdf6df5404e7a5_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
cca9b330bc518707c943ac732d6c7b27c9575fbda4e7ae8b6edbd917b53cacbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 11:45:56 GMT
server
openresty/1.15.8.1
age
15961
etag
W/"4cbf0-1814322b120"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
DEM9145vdZQoxoKiuFEeLUIDU0S6TcbHQ_2FWCK3QDGRk3NU1rN3dw==
x-cached
MISS
main_c5d1421691c9cb14709c_c5d1421691c9cb14709c_walla.js
www.walla.co.il/public/ 		1 MB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_c5d1421691c9cb14709c_c5d1421691c9cb14709c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f1523753473c37e0b86d1a6b02f4ce473fc6dc0335d7b4b4417d3eb67dc5d37a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 11:45:56 GMT
server
openresty/1.15.8.1
age
15961
etag
W/"10d947-1814322b120"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
1hEMhhvzumdid-rqz3LJ8A8WasafFNA-_lRFH1PhTuwAknqMoFvaEQ==
x-cached
MISS
homepage_28bf4199f9d48299cce8_28bf4199f9d48299cce8_walla.js
www.walla.co.il/public/ 		224 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_28bf4199f9d48299cce8_28bf4199f9d48299cce8_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bba54c06d3527be26be120cf16fe14ffe2aec36ae55030a4e7c2b228054a9c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 11:45:56 GMT
server
openresty/1.15.8.1
age
15961
etag
W/"37e10-1814322b120"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
i9ao3vMF3uUD8jWyD47odgwLc7s_aZX9_LOp-2SFGr7LNhjBKJC7bw==
x-cached
MISS
walla-v2-prod.js
cdn.valuad.cloud/hb/ 		924 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
84c30f3b9c7031210ffe6850877849382560ae66e56402bdc80ce3c530068855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 08 Jun 2022 16:25:26 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Last-Modified
Tue, 07 Jun 2022 22:12:01 GMT
x-amz-request-id
tx0000000000000045d8801-00629fd77e-280ab81f-fra1a
etag
"648ee10a8d6feb0fd166e5f8e1bbd311"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1654705525.dop087.lo4.t,1654705526.cds224.lo4.shn,1654705526.dop087.lo4.t,1654705526.cds316.lo4.c
Content-Type
application/javascript
cache-control
public, max-age=86400
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
257928
gtm.js
www.googletagmanager.com/ 		373 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d5bf7816a1836cf585f44dfbb4eebaf82fbfaea75f12ba6640c33f04f6b9aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73225
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 16:06:37 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Jun 2022 16:25:25 GMT
gtm.js
www.googletagmanager.com/ 		448 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d0a301cf7a19c1a407483b0c9c41cc67899b7339230ffa4a137311c19056d10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66012
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Jun 2022 16:25:25 GMT
wallawb.js
cf.dxmcdn.com/dta/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/wallawb.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6200:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 14:32:35 GMT
content-encoding
gzip
last-modified
Sun, 29 May 2022 13:46:35 GMT
server
AmazonS3
age
6771
etag
W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
x-amz-version-id
qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
eI21ANPbpQeoC29zS3NyrsqH9Q-423rnlnT_jqG8ONgWAMoarxckMA==
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il//
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15961
etag
W/"e954-181432076d0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
LxYizuZQKFeoIIXP0CZxhhueJeAt4F77Sshoknb8j91Hb6gbd5Utlw==
outbrain.js
widgets.outbrain.com/ 		200 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.229.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
decd50191a3e6112f14519ed04d7c6211aa31955ac754d6ad801ab44d3ff043d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:25 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:19:05 GMT
etag
"15-Bl4W/H6RJ1CkFg3XQ7+ydzBM1fc"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
a744b7cecca63fa6666ed5089706ad0f
timing-allow-origin
*, *
content-length
70470
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il//
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15961
etag
W/"3bdc-181432076d0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
60ae9oSlr6QI57rWBEiqUpEJWG9X0CLi1iKS-OjctGVJAcj4T0jxag==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il//
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15961
etag
W/"ea00-181432076d0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
j-b7Eycczur38SovJCwKjSyP2saIx85L6o6qFqVCJTuZyyRq_2FrTQ==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il//
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:26 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15959
etag
W/"e770-181432076d0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
gobaLYxMUxsNzN0BzLo2qRfYQt7OU4-mmntFAg3T1Dirfo8TVchbcg==
391_5493cd4ce05861fc6e3c_5493cd4ce05861fc6e3c_walla.js
www.walla.co.il/public/ 		122 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/391_5493cd4ce05861fc6e3c_5493cd4ce05861fc6e3c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_c5d1421691c9cb14709c_c5d1421691c9cb14709c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
df17a038604f387fabc1e3cc8994aba8394be245d7e3caaa989a629547803c0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 11:45:56 GMT
server
openresty/1.15.8.1
age
15962
etag
W/"1e60c-1814322b120"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
ragz6mg-9ydPseMpNA0U2Q1RovOdE3_66UPDiWrYCkWw3prS-AqAJw==
x-cached
MISS
PikudInner_8c1991b5dc442b6a04da_8c1991b5dc442b6a04da_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_8c1991b5dc442b6a04da_8c1991b5dc442b6a04da_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_c5d1421691c9cb14709c_c5d1421691c9cb14709c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c6163b79541e39dee513e65dbe9879c888d980c1884cce20d2ce25f225542320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 11:45:56 GMT
server
openresty/1.15.8.1
age
15962
etag
W/"cfc-1814322b120"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Np2IQjlQc_2eX7BjmJG554KpQLbbUh-ju8lPVVWrdnonSh0mnZjsKw==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/128_6a4cd6fdf6df5404e7a5_6a4cd6fdf6df5404e7a5_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
f4d4d20fb35e356621a4e294b8052381133c6c7b4d809daaa9c02e229c8f6aab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28140
x-xss-protection
0
server
sffe
etag
"1238 / 657 of 1000 / last-modified: 1654686579"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Jun 2022 16:25:26 GMT
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:24 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15962
etag
W/"46c-181432076d0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
Tqv7jbXVGTutVN41a0lcFAogtpgjX9zCgFF7eM16wtGeJR3b5CYsvw==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
M4cAY6K8lgLxAvrW8KMjwcR8jBL7pfkvMEmmHQeG8OMxIaBc1a+m+DPUHQIXc+DPYJsJMaESgUFfRdRU9XZ2nw==
x-fb-trip-id
720026100
x-frame-options
DENY
date
Wed, 08 Jun 2022 16:25:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-06-08
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:0:4:1c73:c740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee3f5afe9e1b71c09e0f27fad062214fdd560fec9ce2b7e3ba7d8aaa2b7766d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
hMpKv4LDSyFWvWZ2YXTqiQwRE.jGLejG
content-encoding
gzip
last-modified
Wed, 18 May 2022 11:13:54 GMT
server
AmazonS3
age
54238
etag
W/"31cbd5c3707c9565a7c26200bea7a88a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
date
Wed, 08 Jun 2022 01:24:16 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
FJ8DxlDpEbxLp1PrCsnlZvBpZqTggLlCFYGSZ1ebwyLqepjGZBjOeQ==
bmV3cy53YWxsYS5jby5pbA==
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/bmV3cy53YWxsYS5jby5pbA==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 08 Jun 2022 16:25:26 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=30174
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
9dbac7536825beb2e13e54baa2568f40
Content-Length
16
Expires
Thu, 09 Jun 2022 00:48:20 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.229.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Fri, 08 Jul 2022 16:25:26 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 08 Jun 2022 16:25:26 GMT
server
Google Frontend
x-cloud-trace-context
a4019ca9176938bc323364db504544e6
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Accept
application/json
Referer
https://www.walla.co.il/
x-request-id
8f2bd650-d030-4e03-8e5e-3639f9edf861
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
x-vad-version
0.5.29
Content-Type
application/json

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
e36a4eb145be93146cc528761710bd8d
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
378
date
Wed, 08 Jun 2022 16:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 08 Jun 2022 18:19:08 GMT
conversion.js
www.googleadservices.com/pagead/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
65dcd317dfa4c961202096496246c654766966168760d7a072ef3b812a582447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17056
x-xss-protection
0
server
cafe
etag
2796685775116381335
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Jun 2022 16:25:26 GMT
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:59:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 11:43:30 GMT
server
openresty/1.15.8.1
age
15963
etag
W/"558e-181432076d0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
HdqMOBPL7EAWCcrlbr57iv7z2KpR4G4hjJ58NmRoq8AD1g1SgrxNlg==
pubads_impl_2022060201.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
3fef2bb487a75c68deb09f1bb519592f7688129de30f665c72d577df95c102a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126885
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 08:36:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 08 Jun 2023 16:22:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		843 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5fd6e1b2782564a59206f88f30e52cfbf69758d0649141b126027e775b3b0553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
278
x-xss-protection
0
expires
Wed, 08 Jun 2022 16:25:26 GMT
handshakes
khn.crowdad.io/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.44.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-44-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 08 Jun 2022 16:25:26 GMT
access-control-allow-credentials
true
content-length
0
handshakes
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.44.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-44-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Wed, 08 Jun 2022 16:25:26 GMT
170717926997655
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d50915b30d550430eae1b32889a58fe5d1b868cea34feb70f354af7e7a7c8572
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
x7fovJsVOh4XndYyqxNePAicxy1PgR9ekZ/Nwh1UKs2TNzlasFHeoWgxNFeMuQqvDl4R2XexZ3vkpsBME6QbYw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 08 Jun 2022 16:25:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1654705526402
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=102340873&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1938062180&gjid=850546830&cid=1330302847.1654705526&tid=UA-4780630-1&_gid=1306909169.1654705526&_r=1&gtm=2wg660T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&z=1627881378
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1654705526327&cv=9&fst=1654705526327&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0a198c5ffeaf46c85db9ee1c058f7a94af2c6ff2910083aed7e14c88faed006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
977
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4780630-1&cid=1330302847.1654705526&jid=1938062180&gjid=850546830&_gid=1306909169.1654705526&_u=YEBAAEAAAAAAAC~&z=1942057061
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 08 Jun 2022 16:25:26 GMT
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1654705526327&cv=9&fst=1654704000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&fmt=3&is_vtc=1&random=3618713595&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1654705526327&cv=9&fst=1654704000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&fmt=3&is_vtc=1&random=3618713595&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=133387
accept-ranges
bytes
content-type
text/javascript
content-length
82748
expires
Fri, 10 Jun 2022 05:28:33 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ce6d73c3c61fb69d0c8196bd61ca02e972cf547604f7415c1ddaaf7968cd44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7182fbc44e04923b-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220608
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66084bafad45d691a66f087d1e2f99be394a7c0948424ee8b12ee199723891df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5069
x-jsd-version
1.0.1366
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19141-FRA, cache-itm18838-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"666-3/F3HpIbsQfz0/d7d9V4orK0bes"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiSQfdkw4%2Byqb0yqrjrhud1rSmo4MSFvXxtG%2FNV5FIo6Kwo%2FBXmKB%2BwDLTnsimrqJ6QP8zZP0RN3nCD7JbCU0xncXpZ4AR89D2vW4QZ1oZJ6K5EjwvPlPcJEPBljl25LtBN8PFD6hJlBeT2VlW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7182fbc4485591ed-FRA
access-control-expose-headers
*
localstore.js
script.4dex.io/ 		483 B
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1876
content-type
application/javascript
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j87MmmxMbjEQVfQnEDMYb6TR5bfoedEfUNfE2ZL6SHxyyXSz01rnzWXBqkTa5wGDr4bPOOMDEsQgSmkD%2FLFfbISdyXiZUe01deQY3I28sCesUnOb1SXxTjOQWMtNp0i3h%2BXIHFXjwF6qaE5T"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1652176652152482
cache-control
public, max-age=1800
cf-ray
7182fbc48fb5374d-MXP
expires
Wed, 08 Jun 2022 16:55:26 GMT
auction
tlx.3lift.com/header/ 		19 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.14.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.182.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-182-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
accept-ch
sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cf-ray
7182fbc45e2d923b-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cf-ray
7182fbc45e28923b-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 08 Jun 2022 16:25:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
171
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		114 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5cf0ebf969f89ff87db6e8235e8bcfd124d3f35b93def6b88e14a5c0f155c1c

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
7182fbc49e3601e3-ZRH
pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.walla.co.il
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		19 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:26 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b375defc-e7fc-4b6c-a53c-c01d8167a659
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=51711933765
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Jun 2022 16:25:25 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		536 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F%2F&CanonicalUrl=https%3A%2F%2Fnews.walla.co.il%2Fitem%2F3430276&PublisherDomain=www.walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
7db2d4f870eda8f7f9951547ad82034ebdb0ae6ebd3d8328c0c782eb70d02076
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
57
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
536
expires
0
prebid
ib.adnxs.com/ut/v3/ 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
98629b475ccba8aae024b29f0b533b99d813c801b15a3bf8b17d9785fdd85f5c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 08 Jun 2022 16:25:26 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ebe13a9e-6d82-4bf7-8fca-6b4f78a9a15a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
u.openx.net/w/1.0/ 		74 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=90306c91-cd69-4aa0-8606-1622e783686c%2Cda81bbc6-dfc1-4bf7-b02a-e8bead851040&nocache=1654705526448&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C970x90%2C970x250&divids=adSlot-1%2CadSlot-17&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fproducts_footer_desktop&auid=544104782%2C544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
119594b63b78b094e8eee8dcba98821c54b689fc200ecf785230a43edc0ed038

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1806415138199533&correlator=2815569317325371&eid=31067917%2C44761477%2C31065401%2C21065725%2C31064018&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Ctop_desktop%2Cnickbar_desktop%2Cprestitial_desktop%2Cvideo_slider_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%2C970x40%7C970x50%7C970x80%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&adks=3131741070%2C1593069613%2C2746968372%2C2837879538%2C581680292%2C3350566117%2C947382955%2C1039085789%2C1445159051%2C3423946700%2C941261744%2C3384287599%2C2655517675%2C199863101%2C41169740%2C2603141500&sfv=1-0-38&ecs=20220608&ists=12287&fsapi=false&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dvideo_slider_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1654705526468&lmt=1654705526&dlt=1654705525814&idt=523&biw=1600&bih=1200&adxs=805%2C315%2C-12245933%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=98%2C1200%2C-12245933%2C113%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x0%7C0x-1%7C0x-1%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=480x0%7C970x-1%7C0x-1%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=132%2C644%2C640%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=970%2C0%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1330302847.1654705526&ga_sid=1654705526&ga_hid=102340873&ga_fc=true&btvi=0%7C1%7C-1%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
266d8dcc1e5ba035f5ae4f9df96639319a273008c45c7f7f7b0e709039e4f163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9796
x-xss-protection
0
google-lineitem-id
-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C251 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:26 GMT
expires
Thu, 08 Jun 2023 16:25:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=1330302847.1654705526&jid=1938062180&_u=YEBAAEAAAAAAAC~&z=753749723
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=1330302847.1654705526&jid=1938062180&_u=YEBAAEAAAAAAAC~&z=753749723
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fnews.walla.co.il%2Fitem%2F3430276&idx=0&rand=57043&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=38&vpd=0&cw=1600&activeTab=true&darkMode=false&settings=true&recs=true&version=2000756&sig=02x6tt8m&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1bcd8857981ddc76dfc9b9db2632b43b82418adb4b8a49852b627fee983a8bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1654705527.545479,VS0,VE103
accept-ranges
bytes
x-served-by
cache-lga21949-LGA, cache-hhn4044-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
c1278e30ffb104d69ddb689091d7ba42
content-encoding
gzip
content-length
1060
expires
Thu, 01 Jan 1970 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
57628a8656d3a724747f949ef5c7cad775b32396ef6034a3c22c802b088ef9e4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
aj006cGhjhJu2zVInt/mTCOUblX2VZBzAnEGZOLDXZolowFn0VoMcdDQWPyypyW5ODMZULRXC491CsXTuK2qwA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 08 Jun 2022 16:25:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1654705527039
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F%2F&rl=&if=false&ts=1654705526536&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.2.1654705526534.646971778&it=1654705526311&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 08 Jun 2022 16:25:26 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
98606
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx2784d4621ca340258eec8-00629f4bcb
x-amz-id-2
tx2784d4621ca340258eec8-00629f4bcb
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BOHmfM%2BEJhzhUZY6po%2FQig0Engw1z6f2er%2FbZC%2Bj3nAvut3hsDQRX5rF%2BJlo73ESdpNIvCPPdN3LPWvdfV%2Bq%2FHBUu%2BYEYd5L2PX5u%2BXmiieYAp4oPo3y%2Br4bAjNz6vgf44kTksv4opJLKTn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
7182fbc54edb0f72-MXP
access-control-allow-headers
Authorization
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1328072
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7182fbc53f82923b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 5561 		0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbc56fe8923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
setuid
ib.adnxs.com/prebid/ Frame 3030
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
1647d47e-f5d2-4802-97ac-9d1c7c367f75
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 08 Jun 2022 16:25:26 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbc56fef923b-FRA
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
server
cloudflare
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=dec04a16d5ef354bd49b6213915b5ca4_1769_1654705526604&tm=471&eT=6&wRV=2000756&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 08 Jun 2022 16:25:26 GMT
content-encoding
gzip
X-TraceId
6b6219811a10d76e2d72409df899ad3d
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
connectmyusers.php
cdn.connectad.io/ Frame D04E 		1 KB
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7182fbc5ff0901fc-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
getuid
sync.smartadserver.com/ Frame 07BB
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 08 Jun 2022 16:25:26 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Wed, 08 Jun 2022 16:25:25 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
1
sync-eu.connectad.io/syncer/ Frame 12AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7182fbc65f8301fc-ZRH
date
Wed, 08 Jun 2022 16:25:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
2e407d95-b042-498e-915c-3ece56d4e3e5&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame E75A
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/2e407d95-b042-498e-915c-3ece56d4e3e5&partner_id=1010
0
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/2e407d95-b042-498e-915c-3ece56d4e3e5&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbc75afd923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Wed, 08 Jun 2022 16:25:26 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/2e407d95-b042-498e-915c-3ece56d4e3e5&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame 0A7E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
6f9fd0201ed801884e5299d5aabca094
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A695 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133332
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 10 Jun 2022 05:27:38 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame A695 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64552615&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bcd342813bac312917f92746b0d69e772e020dda4e7e027884ac72d8c0e07629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
container.html
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 874E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:26 GMT
expires
Thu, 08 Jun 2023 16:25:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
YqDNd2bNmQPTLTA275UsIAAA%261112
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 311E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YqDNd2bNmQPTLTA275UsIAAA%261112
0
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YqDNd2bNmQPTLTA275UsIAAA%261112
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbc84c69923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 08 Jun 2022 16:25:27 GMT
Expires
Wed, 08 Jun 2022 16:25:27 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YqDNd2bNmQPTLTA275UsIAAA%261112
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
9b1b6bd8-e747-11ec-a2a4-10ffbde80106
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame CAF5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=9b1b6c21-e747-11ec-a2a4-10ffbde80106
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/9b1b6bd8-e747-11ec-a2a4-10ffbde80106
0
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/9b1b6bd8-e747-11ec-a2a4-10ffbde80106
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbc99e60923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Wed, 08 Jun 2022 16:25:27 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/9b1b6bd8-e747-11ec-a2a4-10ffbde80106
Server
nginx
X-fe
66
pixel
googleads.g.doubleclick.net/xbbe/ Frame B52A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYjZ7vyAEwAQ&v=APEucNVUMf5APKFBRpCWCkuVRIh_tpD2pJrePpdMUp2sGhq5vfTEECdnUsMIxDXJv8femBgNdM4DKl6zBMuyUEe0UWJBIA1pE9nxc9GyM2Cr7EBRekGqS70gxWNmu_i2Em3r_C-mId-F6LepE2b12DhgCT70BWcbTcVYnh56HWjpINN3nGAe5nU
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 874E 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuePFxCLR9R5Y3BZHOd5dHr1xvOCjpKoO9KUfIo5ijGky1A6YNzY-FPX2Ye-gXzrgjJSY4AE8VWcly7MN-9308rtnecQ&cry=1&dbm_d=AKAmf-Ch5T2N4P65cRr4vhnh07X9cuMIhS5d2tvZMCG_3WJxwoi4yNtv80NnvRYQEg8HZFfSpF2-Lve427pMWWuTtkj5bxsIAGRbKWzYP6OWIndZ8uwVK7JW5Eya5n2lx8yWmO4GVqYdGOHD6PVw8RQSy4bnJpRpjc1f2nke-2H_tMucbjoi5KLfnbrHAlT1VZF_ykhWGrmtejprw6uIYVLZG3IqVDnmZo2Tj5ZqQPxKNAiqO8Vjxjk5cVMmxuL-3-M74rzzitCZb-CfFUscLnjvYBtbtYnPFmIZcBC-IrWZGSvD8x5wGaqNvFRyytrJQZH10BbfG4gTA-nRvAIT-191W-bk3PsGQfOhZhzwb5wOPfClWSSCZF-KCChAZCcIjTNWp-Z9jcXi9HgHAAqiD7IIgne0eKko0K2_NszrO-hGvLG5cQICF3wuB0xfa3OtBLiR-ZjI_Rn6axeO5vABkGRLujDusMRKXkmE7M48dA2nQTFs9GrC_fSjl8DH7URNKW8_mD9QJRRIxprq7ewyEjI40aQfjzxCLOP2Ft76zwBuEPUuj8UZ54VIOgMf9Z9BBqVI6Lcv1--a7b0GvvJH1Ww-ker8JctmP11RdJF2v_sg9QYIw1NIrIleg3EoMK47vOX2_bYA0Q2Ih3TmIVOGoj1yBjPs0I9-H-3QwxL8Vd7yZqip1sE7NZL9dlTbw8K1Lqv3F-j3e9ln1s8MrxIbcSHP4AG30RvIeKiuLBjiimZdT40-DDwlfS6iaPnx20r7mFEzFzL8587uwAuG8QRmmH2d4k_l2kigNKfxMK0fs2v4fCJhyBRGHTVdocwdWJynnkO48dgzO2e51-yKwEIlTNmxpKKNnXtiYhVYC2DNlMjGuMeG7urP_QJ2FO9BOeAz-22Sxb26VIZFWdy6gc3-3SAOQ2oiJl9f8QJ2FFHmXPrZDxcA7z6pUF3UQh45qgG80r4jCg278PXRlWVYFSaOIr2ajhrWce4mYOa4wENGbx30smm8K0zS5IH3_zP2f2GlK2JMiKUM6pm7PQmB-k0qtMML2ob8aTJPXGZ-69pLls6prjkMR08v0PE6IPl3caEftuZ1NCpQHaxw66f7vwR8efvaGz1qkdZd8Q8MH1fFLv_9X20jOU_xpPfwpYuARhSNBxVrFkVHoZuzFiiNNj8DhEjyCC4qONnDxWIVFdz9Nz5LOXlBsDA8DT7algpyAszrFGBrBUaZY0nJV8SSpIjKjep1bTl4I4R672YT6oGmmn5IIsGMfgDPHLJzS6yj6hmcjlrqXKYvNcg-ppTmFYuvWq19QfS1vXHbKqvCMU4eD3tpERicqjAmtYUn03SzJgWiqPhsUY0ZB_UAkJw1Z9qkflC_Kc-0-8qoiL16y064jmMXPQiYE_3K-Kyt_EZUhL71vUHV6NiRiiSgbvGSeIOFPqjDok759gnp84VIu6QxYhCxEmpift5wvptpWGaTbO5KK1W7lVPxsVv9gTCL5S5SrzX3bIJ3IUKR5bOp4OhK1Pyilnw8F7-5O-VpTOxIihHvrbAfajTQcdeqLDGKnBoS6oHmwxLUiRBK0sYCQSJfdwvqL1Z7omulx5GSmj1pbcJGU1Nir4tQohlG9Mbi1aYBqz_HSPNi8RwZ-B5WRmVN-8tdAXiHQKbFUg4yg0UxOk4skC3fYrHaZHA0PGlW5a_9JLKtTtNEgCbqDKinwbXvfzAKG8wx_xfM8kbOQE_U5Z9kEbLXO8Cu4jp8R2F51mOg4eg5Ny8V-jaIVTmhmTzIYtnhfjRoQiaHVslGex3_tZpQNOLjvv6_Vsk3vOTcSFGV23zR8Gt1HBizeIzAt_FQHgYBBBgw25iis-Rh5digZZ0QwMMi1j44Xpb2nvzA1E0MsNHEvhnivsZr78JmOQzq6cNdR1NCLnJypPNHutUL9guCGAm5VsWJU123qZof3xxRt5H_K6lIj9WMx9dZNfaoUruEoSVaYOL_tYl7Tad2vb9JmRZH8XcWUPVN_iUL_fg6J9DU_TMI3q52yduSkZ_x0QRoLJnj_Bn6sWz132O3gF6hRpvKXfAOOvaGoy4iBXc_gtcG0n0m1ggY0H2Fx3mJvv3j89gZuwjkjmUJ_uvPUxzXJsxIRmhZapAHEC-CuOGh7VaLV3Hoy70drYTIK2QYxM6QH5WgBrIvKd2GhPAzqQNBvSc8X9uIsHAn4pIC_CL6eNbpUGJgATvpY1jIgaufDXJXIN8EOYTo5lA4kFEIl1tKcxH6oow9swFAOAr1FCRLQseXIq6NlqbISdrsoDsD62uhgVT0SPV-_DVofYy1M_yfWoYr7lG42J1c3Tj0yYMZr0WTPngnCjpItuZnuELSZVapsByc8ImdwPS-UOb2Q56Dk-1hc7luM2ImS36-ZJeJ9PPH_ub_UpDZ81jeIIEqMrQPHWaQ_r310gaD_vLRPDBzjAxsinRlQ2rmROTUbU6p1NiF3ysefXqoj99UjAFT8P1L6N1E_82giRv6y2vFIuPcIzsiCR8ftCi1mgkkIIe0KOpWPmHKoIbPcln20f8icFrRfCMMNIb1XBtzYXLPu8V70dJrMhZhgymOd4y-PEMoeouXm48EMIQnbkin2TZGMPtnoKgmwiYwJ9r-to0ev5PBV7bbgu-I6EQblEO1v3AJzjncIYgZ3KPETrk5rAI2SAi5DG0Lp12rAR1vLSzYGLo6ghIZcwcsKhojgXOi9XKj0Tj27eMK0q4sPHv_zQpVyOvuSF7iImw6nWzxCXYW7yVcr15jZcBlCVN56CZ3gdbloQGgbd3BK9YuPMa9-99bmpI-8NEMwpny-qn9X4zVixl-g1_3eiu4V3HxPUexzzEBSa9j1lZYa6e6sOK7AZZYGlOXxAqRETvC79mDoH39KWzaVEdrO6_arCxuVdQC8cFmQPc30oHaRDBkIQjhc99I-d0RzxDcnOFr_LkzbjoPGtk7QAzQ-XjNRD04VcW-pbBupk4t-7RtcbtbXHGID8gQPLLcZWOExjE4kg3xx17l9nnB-eRQbCT4LVvgKva0kruCb7kKuL5LpeMmYhIWbFYWEPGRGDiVgwox6xAJn8HXQCG3Yn32BbaXopf_LQz9vSusXv8VS-Ooq_BrQw&cid=CAASJeRocPYmS3sjsBN8t7dl6fzfoBascpDK2cNjgYY4cIYNZsdg6us&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f9fc2cb58a48f16452927685c83b07c428a5d75961fff8f634a796b0b8d1624
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32996
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 874E 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BHKaya_rGAR9F0-9S2VIg93t2vw1MjYjpkf1dxtoYhx5FQr9kFu51Y14KIMF5c8GuuP9oHF87NgQHzYzDh86tUnxbMwxq4OtwkVDKanVO8QBy8Sc4
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 874E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:22:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 874E 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43419
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654515382487150"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Jun 2022 16:25:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 874E 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:21:04 GMT
l
www.google.com/ads/measurement/ Frame 874E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfclEHDoPYZxqvfcZ3ADb36ADX3vjlG9zjfDIxBPOgVpUvXSwjuj5s6gSZaqt5-fI04tW8qcDUCfgoDVE1vIdFhX_BiQ
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
match
c1.adform.net/serving/cookie/ Frame D432
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 08 Jun 2022 16:25:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 08 Jun 2022 16:25:27 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2A6C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d8262a0-cd78-4100-b836-b8e0c0b2c6a0&gdpr=0&gdpr_consent=
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d8262a0-cd78-4100-b836-b8e0c0b2c6a0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 08 Jun 2022 16:25:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 08 Jun 2022 16:25:27 GMT
Expires
Wed, 08 Jun 2022 16:25:26 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4447 e18e916 master hkg-pixel-x18 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d8262a0-cd78-4100-b836-b8e0c0b2c6a0&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 4AC7
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4198648938245447801
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4198648938245447801
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 08 Jun 2022 16:25:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4198648938245447801
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 10C3 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:26 GMT
expires
Wed, 08 Jun 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
383360
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 9693 		0
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbc7ab6d923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A695
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Ul2Pw2KRcym1lGpXk2tMA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:27 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=133331
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 10 Jun 2022 05:27:38 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A695
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=815062a0-cd77-4800-a401-06367fd3c62b
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=815062a0-cd77-4800-a401-06367fd3c62b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 08 Jun 2022 16:25:27 GMT
Server
MT3 4447 e18e916 master hkg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=815062a0-cd77-4800-a401-06367fd3c62b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 08 Jun 2022 16:25:26 GMT
mw
mwzeom.zeotap.com/ Frame A695
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7b66c67c989df1e3/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=7b66c67c989df1e3/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=7b66c67c989df1e3
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d21dbb-bdaa-47ca-66e6-a08ede132bde&reqId=264a7a3c-fdca-47c7-58d8-40f0c87528a9&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENGB2mfAdH3Sp8BjvCPL4iY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d21dbb-bdaa-47ca-66e6-a08ede132bde&reqId=264a7a3c-fdca-47c7-58d8-40f...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESENGB2mfAdH3Sp8BjvCPL4iY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d21dbb-bdaa-47ca-66e6-a08ede132bde&reqId=264a7a3c-fdca-47c7-58d8-40f0c87528a9&zcluid=7b66c67c989df1e3&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7182fbc9ecea2397-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESENGB2mfAdH3Sp8BjvCPL4iY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d21dbb-bdaa-47ca-66e6-a08ede132bde&reqId=264a7a3c-fdca-47c7-58d8-40f0c87528a9&zcluid=7b66c67c989df1e3&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A695
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUQ0OTc2M0YtMEQ4QS00NUNDLUE2RDYtNTFBOTVFNERBRDMw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A695
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG8510EWteigMHALW8nO0Kg&google_cver=1
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG8510EWteigMHALW8nO0Kg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG8510EWteigMHALW8nO0Kg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A695 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 07 Jun 2022 16:25:27 GMT
generic
match.adsrvr.org/track/cmf/ Frame A695 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A695
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1681303317823180167
42 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1681303317823180167
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1681303317823180167
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame A695
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2439243591662352484&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2439243591662352484&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:26 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
71952fe3-0e0d-4a49-a839-0e4b77b7e246
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2439243591662352484&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A695
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=86FTQab3BUboowFDofAfQfWgU0XoqldC96AhAHhG
42 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=86FTQab3BUboowFDofAfQfWgU0XoqldC96AhAHhG
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=86FTQab3BUboowFDofAfQfWgU0XoqldC96AhAHhG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B52A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTvz9t2Taun7J2VxEks_JA&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTvz9t2Taun7J2VxEks_JA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYjZ7vyAEwAQ&v=APEucNVUMf5APKFBRpCWCkuVRIh_tpD2pJrePpdMUp2sGhq5vfTEECdnUsMIxDXJv8femBgNdM4DKl6zBMuyUEe0UWJBIA1pE9nxc9GyM2Cr7EBRekGqS70gxWNmu_i2Em3r_C-mId-F6LepE2b12DhgCT70BWcbTcVYnh56HWjpINN3nGAe5nU
Protocol
HTTP/1.1
Server
23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 08 Jun 2022 16:25:27 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTvz9t2Taun7J2VxEks_JA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B52A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqDNd2bNmQPTLTA275UsIAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTvz9t2Taun7J2VxEks_JA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTvz9t2Taun7J2VxEks_JA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYjZ7vyAEwAQ&v=APEucNVUMf5APKFBRpCWCkuVRIh_tpD2pJrePpdMUp2sGhq5vfTEECdnUsMIxDXJv8femBgNdM4DKl6zBMuyUEe0UWJBIA1pE9nxc9GyM2Cr7EBRekGqS70gxWNmu_i2Em3r_C-mId-F6LepE2b12DhgCT70BWcbTcVYnh56HWjpINN3nGAe5nU
Protocol
HTTP/1.1
Server
23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 08 Jun 2022 16:25:27 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTvz9t2Taun7J2VxEks_JA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B52A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENMKgL8DABZ1tE7O9rDVUj0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENMKgL8DABZ1tE7O9rDVUj0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYjZ7vyAEwAQ&v=APEucNVUMf5APKFBRpCWCkuVRIh_tpD2pJrePpdMUp2sGhq5vfTEECdnUsMIxDXJv8femBgNdM4DKl6zBMuyUEe0UWJBIA1pE9nxc9GyM2Cr7EBRekGqS70gxWNmu_i2Em3r_C-mId-F6LepE2b12DhgCT70BWcbTcVYnh56HWjpINN3nGAe5nU
Protocol
HTTP/1.1
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:27 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8cfa4d4a-75f2-423c-ae28-02dcc6ad6a8a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENMKgL8DABZ1tE7O9rDVUj0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B52A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzOTI0MzU5MTY2MjM1MjQ4NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzOTI0MzU5MTY2MjM1MjQ4NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYjZ7vyAEwAQ&v=APEucNVUMf5APKFBRpCWCkuVRIh_tpD2pJrePpdMUp2sGhq5vfTEECdnUsMIxDXJv8femBgNdM4DKl6zBMuyUEe0UWJBIA1pE9nxc9GyM2Cr7EBRekGqS70gxWNmu_i2Em3r_C-mId-F6LepE2b12DhgCT70BWcbTcVYnh56HWjpINN3nGAe5nU
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:27 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
474f264e-4853-46f9-88a6-603ecc9ec159
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzOTI0MzU5MTY2MjM1MjQ4NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.loopme.me/ Frame 4F98 		0
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 874E 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Origin
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Jun 2022 11:09:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220606/r20110914/elements/html/ Frame 874E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220606/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuePFxCLR9R5Y3BZHOd5dHr1xvOCjpKoO9KUfIo5ijGky1A6YNzY-FPX2Ye-gXzrgjJSY4AE8VWcly7MN-9308rtnecQ&cry=1&dbm_d=AKAmf-Ch5T2N4P65cRr4vhnh07X9cuMIhS5d2tvZMCG_3WJxwoi4yNtv80NnvRYQEg8HZFfSpF2-Lve427pMWWuTtkj5bxsIAGRbKWzYP6OWIndZ8uwVK7JW5Eya5n2lx8yWmO4GVqYdGOHD6PVw8RQSy4bnJpRpjc1f2nke-2H_tMucbjoi5KLfnbrHAlT1VZF_ykhWGrmtejprw6uIYVLZG3IqVDnmZo2Tj5ZqQPxKNAiqO8Vjxjk5cVMmxuL-3-M74rzzitCZb-CfFUscLnjvYBtbtYnPFmIZcBC-IrWZGSvD8x5wGaqNvFRyytrJQZH10BbfG4gTA-nRvAIT-191W-bk3PsGQfOhZhzwb5wOPfClWSSCZF-KCChAZCcIjTNWp-Z9jcXi9HgHAAqiD7IIgne0eKko0K2_NszrO-hGvLG5cQICF3wuB0xfa3OtBLiR-ZjI_Rn6axeO5vABkGRLujDusMRKXkmE7M48dA2nQTFs9GrC_fSjl8DH7URNKW8_mD9QJRRIxprq7ewyEjI40aQfjzxCLOP2Ft76zwBuEPUuj8UZ54VIOgMf9Z9BBqVI6Lcv1--a7b0GvvJH1Ww-ker8JctmP11RdJF2v_sg9QYIw1NIrIleg3EoMK47vOX2_bYA0Q2Ih3TmIVOGoj1yBjPs0I9-H-3QwxL8Vd7yZqip1sE7NZL9dlTbw8K1Lqv3F-j3e9ln1s8MrxIbcSHP4AG30RvIeKiuLBjiimZdT40-DDwlfS6iaPnx20r7mFEzFzL8587uwAuG8QRmmH2d4k_l2kigNKfxMK0fs2v4fCJhyBRGHTVdocwdWJynnkO48dgzO2e51-yKwEIlTNmxpKKNnXtiYhVYC2DNlMjGuMeG7urP_QJ2FO9BOeAz-22Sxb26VIZFWdy6gc3-3SAOQ2oiJl9f8QJ2FFHmXPrZDxcA7z6pUF3UQh45qgG80r4jCg278PXRlWVYFSaOIr2ajhrWce4mYOa4wENGbx30smm8K0zS5IH3_zP2f2GlK2JMiKUM6pm7PQmB-k0qtMML2ob8aTJPXGZ-69pLls6prjkMR08v0PE6IPl3caEftuZ1NCpQHaxw66f7vwR8efvaGz1qkdZd8Q8MH1fFLv_9X20jOU_xpPfwpYuARhSNBxVrFkVHoZuzFiiNNj8DhEjyCC4qONnDxWIVFdz9Nz5LOXlBsDA8DT7algpyAszrFGBrBUaZY0nJV8SSpIjKjep1bTl4I4R672YT6oGmmn5IIsGMfgDPHLJzS6yj6hmcjlrqXKYvNcg-ppTmFYuvWq19QfS1vXHbKqvCMU4eD3tpERicqjAmtYUn03SzJgWiqPhsUY0ZB_UAkJw1Z9qkflC_Kc-0-8qoiL16y064jmMXPQiYE_3K-Kyt_EZUhL71vUHV6NiRiiSgbvGSeIOFPqjDok759gnp84VIu6QxYhCxEmpift5wvptpWGaTbO5KK1W7lVPxsVv9gTCL5S5SrzX3bIJ3IUKR5bOp4OhK1Pyilnw8F7-5O-VpTOxIihHvrbAfajTQcdeqLDGKnBoS6oHmwxLUiRBK0sYCQSJfdwvqL1Z7omulx5GSmj1pbcJGU1Nir4tQohlG9Mbi1aYBqz_HSPNi8RwZ-B5WRmVN-8tdAXiHQKbFUg4yg0UxOk4skC3fYrHaZHA0PGlW5a_9JLKtTtNEgCbqDKinwbXvfzAKG8wx_xfM8kbOQE_U5Z9kEbLXO8Cu4jp8R2F51mOg4eg5Ny8V-jaIVTmhmTzIYtnhfjRoQiaHVslGex3_tZpQNOLjvv6_Vsk3vOTcSFGV23zR8Gt1HBizeIzAt_FQHgYBBBgw25iis-Rh5digZZ0QwMMi1j44Xpb2nvzA1E0MsNHEvhnivsZr78JmOQzq6cNdR1NCLnJypPNHutUL9guCGAm5VsWJU123qZof3xxRt5H_K6lIj9WMx9dZNfaoUruEoSVaYOL_tYl7Tad2vb9JmRZH8XcWUPVN_iUL_fg6J9DU_TMI3q52yduSkZ_x0QRoLJnj_Bn6sWz132O3gF6hRpvKXfAOOvaGoy4iBXc_gtcG0n0m1ggY0H2Fx3mJvv3j89gZuwjkjmUJ_uvPUxzXJsxIRmhZapAHEC-CuOGh7VaLV3Hoy70drYTIK2QYxM6QH5WgBrIvKd2GhPAzqQNBvSc8X9uIsHAn4pIC_CL6eNbpUGJgATvpY1jIgaufDXJXIN8EOYTo5lA4kFEIl1tKcxH6oow9swFAOAr1FCRLQseXIq6NlqbISdrsoDsD62uhgVT0SPV-_DVofYy1M_yfWoYr7lG42J1c3Tj0yYMZr0WTPngnCjpItuZnuELSZVapsByc8ImdwPS-UOb2Q56Dk-1hc7luM2ImS36-ZJeJ9PPH_ub_UpDZ81jeIIEqMrQPHWaQ_r310gaD_vLRPDBzjAxsinRlQ2rmROTUbU6p1NiF3ysefXqoj99UjAFT8P1L6N1E_82giRv6y2vFIuPcIzsiCR8ftCi1mgkkIIe0KOpWPmHKoIbPcln20f8icFrRfCMMNIb1XBtzYXLPu8V70dJrMhZhgymOd4y-PEMoeouXm48EMIQnbkin2TZGMPtnoKgmwiYwJ9r-to0ev5PBV7bbgu-I6EQblEO1v3AJzjncIYgZ3KPETrk5rAI2SAi5DG0Lp12rAR1vLSzYGLo6ghIZcwcsKhojgXOi9XKj0Tj27eMK0q4sPHv_zQpVyOvuSF7iImw6nWzxCXYW7yVcr15jZcBlCVN56CZ3gdbloQGgbd3BK9YuPMa9-99bmpI-8NEMwpny-qn9X4zVixl-g1_3eiu4V3HxPUexzzEBSa9j1lZYa6e6sOK7AZZYGlOXxAqRETvC79mDoH39KWzaVEdrO6_arCxuVdQC8cFmQPc30oHaRDBkIQjhc99I-d0RzxDcnOFr_LkzbjoPGtk7QAzQ-XjNRD04VcW-pbBupk4t-7RtcbtbXHGID8gQPLLcZWOExjE4kg3xx17l9nnB-eRQbCT4LVvgKva0kruCb7kKuL5LpeMmYhIWbFYWEPGRGDiVgwox6xAJn8HXQCG3Yn32BbaXopf_LQz9vSusXv8VS-Ooq_BrQw&cid=CAASJeRocPYmS3sjsBN8t7dl6fzfoBascpDK2cNjgYY4cIYNZsdg6us&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:18:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220606/r20110914/ Frame 874E 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220606/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuePFxCLR9R5Y3BZHOd5dHr1xvOCjpKoO9KUfIo5ijGky1A6YNzY-FPX2Ye-gXzrgjJSY4AE8VWcly7MN-9308rtnecQ&cry=1&dbm_d=AKAmf-Ch5T2N4P65cRr4vhnh07X9cuMIhS5d2tvZMCG_3WJxwoi4yNtv80NnvRYQEg8HZFfSpF2-Lve427pMWWuTtkj5bxsIAGRbKWzYP6OWIndZ8uwVK7JW5Eya5n2lx8yWmO4GVqYdGOHD6PVw8RQSy4bnJpRpjc1f2nke-2H_tMucbjoi5KLfnbrHAlT1VZF_ykhWGrmtejprw6uIYVLZG3IqVDnmZo2Tj5ZqQPxKNAiqO8Vjxjk5cVMmxuL-3-M74rzzitCZb-CfFUscLnjvYBtbtYnPFmIZcBC-IrWZGSvD8x5wGaqNvFRyytrJQZH10BbfG4gTA-nRvAIT-191W-bk3PsGQfOhZhzwb5wOPfClWSSCZF-KCChAZCcIjTNWp-Z9jcXi9HgHAAqiD7IIgne0eKko0K2_NszrO-hGvLG5cQICF3wuB0xfa3OtBLiR-ZjI_Rn6axeO5vABkGRLujDusMRKXkmE7M48dA2nQTFs9GrC_fSjl8DH7URNKW8_mD9QJRRIxprq7ewyEjI40aQfjzxCLOP2Ft76zwBuEPUuj8UZ54VIOgMf9Z9BBqVI6Lcv1--a7b0GvvJH1Ww-ker8JctmP11RdJF2v_sg9QYIw1NIrIleg3EoMK47vOX2_bYA0Q2Ih3TmIVOGoj1yBjPs0I9-H-3QwxL8Vd7yZqip1sE7NZL9dlTbw8K1Lqv3F-j3e9ln1s8MrxIbcSHP4AG30RvIeKiuLBjiimZdT40-DDwlfS6iaPnx20r7mFEzFzL8587uwAuG8QRmmH2d4k_l2kigNKfxMK0fs2v4fCJhyBRGHTVdocwdWJynnkO48dgzO2e51-yKwEIlTNmxpKKNnXtiYhVYC2DNlMjGuMeG7urP_QJ2FO9BOeAz-22Sxb26VIZFWdy6gc3-3SAOQ2oiJl9f8QJ2FFHmXPrZDxcA7z6pUF3UQh45qgG80r4jCg278PXRlWVYFSaOIr2ajhrWce4mYOa4wENGbx30smm8K0zS5IH3_zP2f2GlK2JMiKUM6pm7PQmB-k0qtMML2ob8aTJPXGZ-69pLls6prjkMR08v0PE6IPl3caEftuZ1NCpQHaxw66f7vwR8efvaGz1qkdZd8Q8MH1fFLv_9X20jOU_xpPfwpYuARhSNBxVrFkVHoZuzFiiNNj8DhEjyCC4qONnDxWIVFdz9Nz5LOXlBsDA8DT7algpyAszrFGBrBUaZY0nJV8SSpIjKjep1bTl4I4R672YT6oGmmn5IIsGMfgDPHLJzS6yj6hmcjlrqXKYvNcg-ppTmFYuvWq19QfS1vXHbKqvCMU4eD3tpERicqjAmtYUn03SzJgWiqPhsUY0ZB_UAkJw1Z9qkflC_Kc-0-8qoiL16y064jmMXPQiYE_3K-Kyt_EZUhL71vUHV6NiRiiSgbvGSeIOFPqjDok759gnp84VIu6QxYhCxEmpift5wvptpWGaTbO5KK1W7lVPxsVv9gTCL5S5SrzX3bIJ3IUKR5bOp4OhK1Pyilnw8F7-5O-VpTOxIihHvrbAfajTQcdeqLDGKnBoS6oHmwxLUiRBK0sYCQSJfdwvqL1Z7omulx5GSmj1pbcJGU1Nir4tQohlG9Mbi1aYBqz_HSPNi8RwZ-B5WRmVN-8tdAXiHQKbFUg4yg0UxOk4skC3fYrHaZHA0PGlW5a_9JLKtTtNEgCbqDKinwbXvfzAKG8wx_xfM8kbOQE_U5Z9kEbLXO8Cu4jp8R2F51mOg4eg5Ny8V-jaIVTmhmTzIYtnhfjRoQiaHVslGex3_tZpQNOLjvv6_Vsk3vOTcSFGV23zR8Gt1HBizeIzAt_FQHgYBBBgw25iis-Rh5digZZ0QwMMi1j44Xpb2nvzA1E0MsNHEvhnivsZr78JmOQzq6cNdR1NCLnJypPNHutUL9guCGAm5VsWJU123qZof3xxRt5H_K6lIj9WMx9dZNfaoUruEoSVaYOL_tYl7Tad2vb9JmRZH8XcWUPVN_iUL_fg6J9DU_TMI3q52yduSkZ_x0QRoLJnj_Bn6sWz132O3gF6hRpvKXfAOOvaGoy4iBXc_gtcG0n0m1ggY0H2Fx3mJvv3j89gZuwjkjmUJ_uvPUxzXJsxIRmhZapAHEC-CuOGh7VaLV3Hoy70drYTIK2QYxM6QH5WgBrIvKd2GhPAzqQNBvSc8X9uIsHAn4pIC_CL6eNbpUGJgATvpY1jIgaufDXJXIN8EOYTo5lA4kFEIl1tKcxH6oow9swFAOAr1FCRLQseXIq6NlqbISdrsoDsD62uhgVT0SPV-_DVofYy1M_yfWoYr7lG42J1c3Tj0yYMZr0WTPngnCjpItuZnuELSZVapsByc8ImdwPS-UOb2Q56Dk-1hc7luM2ImS36-ZJeJ9PPH_ub_UpDZ81jeIIEqMrQPHWaQ_r310gaD_vLRPDBzjAxsinRlQ2rmROTUbU6p1NiF3ysefXqoj99UjAFT8P1L6N1E_82giRv6y2vFIuPcIzsiCR8ftCi1mgkkIIe0KOpWPmHKoIbPcln20f8icFrRfCMMNIb1XBtzYXLPu8V70dJrMhZhgymOd4y-PEMoeouXm48EMIQnbkin2TZGMPtnoKgmwiYwJ9r-to0ev5PBV7bbgu-I6EQblEO1v3AJzjncIYgZ3KPETrk5rAI2SAi5DG0Lp12rAR1vLSzYGLo6ghIZcwcsKhojgXOi9XKj0Tj27eMK0q4sPHv_zQpVyOvuSF7iImw6nWzxCXYW7yVcr15jZcBlCVN56CZ3gdbloQGgbd3BK9YuPMa9-99bmpI-8NEMwpny-qn9X4zVixl-g1_3eiu4V3HxPUexzzEBSa9j1lZYa6e6sOK7AZZYGlOXxAqRETvC79mDoH39KWzaVEdrO6_arCxuVdQC8cFmQPc30oHaRDBkIQjhc99I-d0RzxDcnOFr_LkzbjoPGtk7QAzQ-XjNRD04VcW-pbBupk4t-7RtcbtbXHGID8gQPLLcZWOExjE4kg3xx17l9nnB-eRQbCT4LVvgKva0kruCb7kKuL5LpeMmYhIWbFYWEPGRGDiVgwox6xAJn8HXQCG3Yn32BbaXopf_LQz9vSusXv8VS-Ooq_BrQw&cid=CAASJeRocPYmS3sjsBN8t7dl6fzfoBascpDK2cNjgYY4cIYNZsdg6us&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
440
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10548
x-xss-protection
0
server
cafe
etag
12800787445863738695
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:18:07 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 874E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 06:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 06:30:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F1D6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37903
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 09 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 874E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77e82c69953ef85001b925b2ca8ed91e13662627834249fb6a7a63b78325b5ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F%2F&rl=&if=false&ts=1654705527131&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.2.1654705526534.646971778&it=1654705526311&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 08 Jun 2022 16:25:27 GMT
/
www.facebook.com/tr/ Frame 488D 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:27 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
index.html
s0.2mdn.net/sadbundle/8246653690116657327/C3_DE_CUSTOM_970x250_HTML_012450_R2_IQCUSTOM/ Frame 36BE 		128 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8246653690116657327/C3_DE_CUSTOM_970x250_HTML_012450_R2_IQCUSTOM/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fe2f60f87b5d8721d0f2810387ec5b62fcb12bf481b83dd577a7185c00be0d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
597711
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
29984
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 18:23:36 GMT
expires
Thu, 01 Jun 2023 18:23:36 GMT
last-modified
Tue, 17 May 2022 15:14:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 874E 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVAGNRIkpAs4Bvsj6yW6rBOZPYX463AEp3kj-7iRE5kC4GT3Y_wJXUwtpd1wwDLKnAi3Lah_B_m0n2Sem1Dl2CmkeMGcXdcsZTQEhtvKRhL8PAqGCP2F20Zsnp-xiCrhMmraKIYOX2nOj9ZvrFA8BU4ZOVOG4-G9jRbloS3BREll6p7bmpXMH6NCGq35gglU_lWc3mNPT3NWWDsZxPP4cm2hrRpHokYbreTJg8oxgg2tcv1VcmU_jboT5OKG_U52AIxfbvePwRDU7V6IPTf1M4JOwGqj_5uJBXn6WchDfOGUqm2VK9E4FxlrcyQqPpBrUYjmRbzLmi1y-ALwgn60Qmdzttx-kLwLzSeY9m0TjDKLPndRIlyBR1I5oxj4knjMWaJHTL879LA2BTlZ7l3NuP19stziIruKlqcdSNLVYo00altXAiCdS2IkEQu7fBAW0ts9CreJ0SvsTLvkWzBB9rU4EjEFjsO7Fjj0HF_gOI7r3noyMb1sYRwK9rld3aGQIKJ78h6ecCJE0q-X9RPP3uxAEcAJ08EQCHsnctsNVI6EE7zMuJ_aykSdjd4uVI0rc_Q4PhYEU2y4lNPg_qUJEeSB6Ghhjc6mtBeWw-BB2eBtDfzyN33ZxQqwKy4KKIdkmLHbEw7LLpjnz5GB1ugZ2WET6X2p10zra-tmyymWxwZdqdBazzxFDp2arj_6ZAqLtQvDl4O-TYKUwQBRHSZXZ4QBOncTznPEzZw0UL5NxtjaScWeKcl7PO2HsQbP6K5iBz71mr53iEsHmJcRFBBDseUfrL3OQ23ysiOVc9e765xjEWlypplkJRLjDdlnD8tgnyhWTZnmy_xySnAHKk5Sov9RL-fzzE4ThXXp3kxv2IZNkW1papLkft6o_IakegaZz6zDCmUvMFUsvFSWBsW2J6UmJHUd1843dXUPoyxZIyxOqKNm1N2fxmeE8B9fXTkj73MJPRRapADzpMw45AIj9YsOBiysfXctUAgNCSE3WNIJcUMNUKFrdNxZPxRLCeKAiTgrPcYkPN88il0FQmWjReyhwEBbparn74uuoMIVct4f33sFHFXS9-SSdGIOQ_KTg0wTYR2fPzDGFjNTluCxnTMMG0cQ5DUr7_OJhU9kw59OG6wQv-YheZ265hQPEXTsNoCCiOlwxQ1poyYJ2ljgyxWnNHPHVj9Pv-NdyBFJvLhSUnPYA&sai=AMfl-YRiKIG6WQ4DGs3kMTmfA5KZ8RZPVsIDyVn7f353k6v27i4TBo6owuSlxIQUwx0G4Uz6VHxoN8DXjFRgrf6A4eWQvenW8Q5PcfUG1QxxVK2o4r40qJgH04nZl53ehldUQ7H7KuXSjie7uhIxkNQ85qDmVs1WWzesZVNFLx_vPws1cV2xeoict4cJRw1XadS4kmGjnWclZy6mBpi5yD23Mscj&sig=Cg0ArKJSzC7_jpyQaUbVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=132&cbvp=1&cstd=129&cisv=r20220606.20298&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 08 Jun 2022 16:25:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0F17 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 06:30:05 GMT
expires
Thu, 08 Jun 2023 06:30:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame F1D6
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAWJcTo5j3JmzKFmsLWiE5I&google_cver=1&google_push=AYg5qPIak4f6YkxQmBTXSgbwbqYvS5vqC5uqCtmWLy3Hc13vUDLS4dBp8u...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIak4f6YkxQmBTXSgbwbqYvS5vqC5uqCtmWLy3Hc13vUDLS4dBp8uCAFmlLOWyqnBPropSsWCXZm5ZqtOfrDQQH3vd4d64hRw&google_hm=0TFkqecptH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIak4f6YkxQmBTXSgbwbqYvS5vqC5uqCtmWLy3Hc13vUDLS4dBp8uCAFmlLOWyqnBPropSsWCXZm5ZqtOfrDQQH3vd4d64hRw&google_hm=0TFkqecptH6tUotdO9eknQ
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIak4f6YkxQmBTXSgbwbqYvS5vqC5uqCtmWLy3Hc13vUDLS4dBp8uCAFmlLOWyqnBPropSsWCXZm5ZqtOfrDQQH3vd4d64hRw&google_hm=0TFkqecptH6tUotdO9eknQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F1D6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBCR9_r3_bOWEvLL47l5xes&google_cver=1&google_push=AYg5qPLO84x8lQpX5G8yo33hNtt0XhJRxHp5oVbfLycCGu1wOBQ8hZfbPQB4F7mVtplneFa0kKPqDZIu3DQr-rVJ_krp...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBCR9_r3_bOWEvLL47l5xes&google_cver=1&google_push=AYg5qPLO84x8lQpX5G8yo33hNtt0XhJRxHp5oVbfLycCGu1wOBQ8hZfbPQB4F7mVtplneFa0kKPqDZIu3DQr-r...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLO84x8lQpX5G8yo33hNtt0XhJRxHp5oVbfLycCGu1wOBQ8hZfbPQB4F7mVtplneFa0kKPqDZIu3DQr-rVJ_krpkFJg3s2KEA&google_hm=mZCYqfGyTQmgP00Y2Sm7-A==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLO84x8lQpX5G8yo33hNtt0XhJRxHp5oVbfLycCGu1wOBQ8hZfbPQB4F7mVtplneFa0kKPqDZIu3DQr-rVJ_krpkFJg3s2KEA&google_hm=mZCYqfGyTQmgP00Y2Sm7-A==
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLO84x8lQpX5G8yo33hNtt0XhJRxHp5oVbfLycCGu1wOBQ8hZfbPQB4F7mVtplneFa0kKPqDZIu3DQr-rVJ_krpkFJg3s2KEA&google_hm=mZCYqfGyTQmgP00Y2Sm7-A==
Date
Wed, 08 Jun 2022 16:25:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame F1D6 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESELx94G-1lmG4Z03EGlyR6KQ&google_cver=1&google_push=AYg5qPJEXxKFWAmr4VB81faDjitSgGQRGgGVFNstm9FCqHPWxxN7m8MPNWHk_eQZ4AvlX-jPXL4qB8dvuewPmOFWfLtmTpYAJ66C
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Jun 2022 16:25:27 GMT
pixel
cm.g.doubleclick.net/ Frame F1D6
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIHtTmBIZoGx3z_Q_YsH_zw&google_cver=1&google_push=AYg5qPL8kyDy58A8bwIXGEajR9zNUfOYy3c0PbinR0F4nGdelDV1Um1vRhV_NGiRAnHu1VQ-C0ck0o22Rt2Kk0TadKzg6h9...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL8kyDy58A8bwIXGEajR9zNUfOYy3c0PbinR0F4nGdelDV1Um1vRhV_NGiRAnHu1VQ-C0ck0o22Rt2Kk0TadKzg6h9KnA1ilw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL8kyDy58A8bwIXGEajR9zNUfOYy3c0PbinR0F4nGdelDV1Um1vRhV_NGiRAnHu1VQ-C0ck0o22Rt2Kk0TadKzg6h9KnA1ilw
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL8kyDy58A8bwIXGEajR9zNUfOYy3c0PbinR0F4nGdelDV1Um1vRhV_NGiRAnHu1VQ-C0ck0o22Rt2Kk0TadKzg6h9KnA1ilw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame F1D6 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEB_1JnqX9jobmUZvX8jgByE&google_cver=1&google_push=AYg5qPLeF4hXpotOqKbeykd9dYkqaJYjkEbP2GQKpD3qDx17leYkhmGUxL_Fyz66Iclep_exHGIFwtoHEhHNI4KvarLDBuy1L5mz
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
frpbael1d30qk88fv11hc0ofvcevv73v
pixel
cm.g.doubleclick.net/ Frame F1D6
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Ul2Pw2KRcym1lGpXk2tMA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Ul2Pw2KRcym1lGpXk2tMA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL2fom89ujkcfLvhR8ncF9feT20u8BhCz2Dce_4Sc-tyfPAF0mtGnXYVL-kZZ9tQtTlUd-iSv5oxZT-76G9LiN8pZ2fRuJ4
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Ul2Pw2KRcym1lGpXk2tMA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL2fom89ujkcfLvhR8ncF9feT20u8BhCz2Dce_4Sc-tyfPAF0mtGnXYVL-kZZ9tQtTlUd-iSv5oxZT-76G9LiN8pZ2fRuJ4
date
Wed, 08 Jun 2022 16:25:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F1D6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC94Ig94OKw5Bsgl8VAxABc&google_cver=1&google_push=AYg5qPJv7RfEmbKnzrnFcaNQEmAgqHZruvNYQwKzAbUITk3ANl4ELwHFvTOhE0lyYAB-gnkUHuu...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ1U1k0NVktVi1VR1g=&google_push=AYg5qPJv7RfEmbKnzrnFcaNQEmAgqHZruvNYQwKzAbUITk3ANl4ELwHFvTOhE0lyYAB-gnkUHuutrRuswcHWFSrj5AjEvfiDt0bv
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ1U1k0NVktVi1VR1g=&google_push=AYg5qPJv7RfEmbKnzrnFcaNQEmAgqHZruvNYQwKzAbUITk3ANl4ELwHFvTOhE0lyYAB-gnkUHuutrRuswcHWFSrj5AjEvfiDt0bv
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ1U1k0NVktVi1VR1g=&google_push=AYg5qPJv7RfEmbKnzrnFcaNQEmAgqHZruvNYQwKzAbUITk3ANl4ELwHFvTOhE0lyYAB-gnkUHuutrRuswcHWFSrj5AjEvfiDt0bv
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame F1D6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWr5QHsomxhQRhRAsAcgtwDCJWCx2coh7tk3PJ1_Vo84gp5dPJ2Hp7UU-I_opnTQHw4ciD
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 36BE 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8246653690116657327/C3_DE_CUSTOM_970x250_HTML_012450_R2_IQCUSTOM/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8246653690116657327/C3_DE_CUSTOM_970x250_HTML_012450_R2_IQCUSTOM/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 21:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Jun 2022 21:22:52 GMT
CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
pagead2.googlesyndication.com/bg/ Frame 0F17 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
23219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13857
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 09:58:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 874E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVAGNRIkpAs4Bvsj6yW6rBOZPYX463AEp3kj-7iRE5kC4GT3Y_wJXUwtpd1wwDLKnAi3Lah_B_m0n2Sem1Dl2CmkeMGcXdcsZTQEhtvKRhL8PAqGCP2F20Zsnp-xiCrhMmraKIYOX2nOj9ZvrFA8BU4ZOVOG4-G9jRbloS3BREll6p7bmpXMH6NCGq35gglU_lWc3mNPT3NWWDsZxPP4cm2hrRpHokYbreTJg8oxgg2tcv1VcmU_jboT5OKG_U52AIxfbvePwRDU7V6IPTf1M4JOwGqj_5uJBXn6WchDfOGUqm2VK9E4FxlrcyQqPpBrUYjmRbzLmi1y-ALwgn60Qmdzttx-kLwLzSeY9m0TjDKLPndRIlyBR1I5oxj4knjMWaJHTL879LA2BTlZ7l3NuP19stziIruKlqcdSNLVYo00altXAiCdS2IkEQu7fBAW0ts9CreJ0SvsTLvkWzBB9rU4EjEFjsO7Fjj0HF_gOI7r3noyMb1sYRwK9rld3aGQIKJ78h6ecCJE0q-X9RPP3uxAEcAJ08EQCHsnctsNVI6EE7zMuJ_aykSdjd4uVI0rc_Q4PhYEU2y4lNPg_qUJEeSB6Ghhjc6mtBeWw-BB2eBtDfzyN33ZxQqwKy4KKIdkmLHbEw7LLpjnz5GB1ugZ2WET6X2p10zra-tmyymWxwZdqdBazzxFDp2arj_6ZAqLtQvDl4O-TYKUwQBRHSZXZ4QBOncTznPEzZw0UL5NxtjaScWeKcl7PO2HsQbP6K5iBz71mr53iEsHmJcRFBBDseUfrL3OQ23ysiOVc9e765xjEWlypplkJRLjDdlnD8tgnyhWTZnmy_xySnAHKk5Sov9RL-fzzE4ThXXp3kxv2IZNkW1papLkft6o_IakegaZz6zDCmUvMFUsvFSWBsW2J6UmJHUd1843dXUPoyxZIyxOqKNm1N2fxmeE8B9fXTkj73MJPRRapADzpMw45AIj9YsOBiysfXctUAgNCSE3WNIJcUMNUKFrdNxZPxRLCeKAiTgrPcYkPN88il0FQmWjReyhwEBbparn74uuoMIVct4f33sFHFXS9-SSdGIOQ_KTg0wTYR2fPzDGFjNTluCxnTMMG0cQ5DUr7_OJhU9kw59OG6wQv-YheZ265hQPEXTsNoCCiOlwxQ1poyYJ2ljgyxWnNHPHVj9Pv-NdyBFJvLhSUnPYA&sai=AMfl-YRiKIG6WQ4DGs3kMTmfA5KZ8RZPVsIDyVn7f353k6v27i4TBo6owuSlxIQUwx0G4Uz6VHxoN8DXjFRgrf6A4eWQvenW8Q5PcfUG1QxxVK2o4r40qJgH04nZl53ehldUQ7H7KuXSjie7uhIxkNQ85qDmVs1WWzesZVNFLx_vPws1cV2xeoict4cJRw1XadS4kmGjnWclZy6mBpi5yD23Mscj&sig=Cg0ArKJSzC7_jpyQaUbVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&vt=11&dtpt=93&dett=3&cstd=129&cisv=r20220606.20298&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 16:25:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Lars_686x357.jpg
s0.2mdn.net/sadbundle/8246653690116657327/C3_DE_CUSTOM_970x250_HTML_012450_R2_IQCUSTOM/ Frame 36BE 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8246653690116657327/C3_DE_CUSTOM_970x250_HTML_012450_R2_IQCUSTOM/Lars_686x357.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b7a8d6831f351ce765439b51c5500dbf6418eb07da23aec17cf88810b85e704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8246653690116657327/C3_DE_CUSTOM_970x250_HTML_012450_R2_IQCUSTOM/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:23:37 GMT
x-content-type-options
nosniff
age
597710
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51412
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:14:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 18:23:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F17 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC8shd82gYtY21pXeA4aTsIgEAAAAADgB4AQC&bg=!-vml-b3NAAaJfvByqX47ACkAdvg8WvyM23tAkOaYUGrInFowPiWkhMb3-0veyCrdZ92EBik09nuuLQIAAABrUgAAAAFoAQeZAtaYi4KHWAmmDCBTKpt7Z-3ojA4oKjsSf9H0urV7_HrovIcgNayS1pkS7ySIqy_XTtM_0fwxBn4eHDVgD6zHZ7iCVMiAKWn8CqTO94mewi3-AEn_LZFPqpleyE7xHPq9AW2N6-gl0I1OSbYtdQgYHjLZzBnvz_m8fLMTzI7n6FIw6-cfSvahT5tagdC6Qby6-X7obgBJh2Oj8cpo6TtV2EBDosg1TgAplMyAR5HbGBPs6xDatm-Aq_eXRRsvaLP0O90r_woS4CoN57s4Tjpnxp3uMMTp6dTMiRdSZUF3fuHQn4B3TBB1-aDvfDpvdtjAHusLr5wgTaNJx2vL7VRhElm0YfOL5PkdLs_H1cZX75mElAKioUHphb5LjEGlOfEdzMdTmVbUJGqjVmiHbEiUO51J2Xj9tZwZwc0O88aZgTC2Z-pQcL8WnpvVdE-IMorOdG6pjP9DxQMp15FZhVhlbrEU8ey5EaElL6w3gM3kLcQRIPvwel3GaRpAwEk0Oy-b3O---r_sVw0jxtm0NsUV_gIjK1Xq2xq81BNTWsGdHqylysbOKvQaCaKCKF0GK7rI22pCqH5-DDN_3P9kMLWulpWQwGOPycF-6_BMhyWd8kRJiZRQxaObBppJFhIxHc5-MxBkFROQEvnIxZzBOfkNdmu_W-H2V07MYxOYT7iT4RrYFEzVMklOrZIGNbdgxlGPG9hZ1djAeS2a80vjNJFRSxSO0ENtie4B3VQcT2D9rW4uIlqVYlI_wjgyPQbeVj1WGKG76YQ4461W42HTlyxpN_svHvMTAPauTYwMZfAQsF3PoOgL1bux_yd5bQwrguqVpY9T-fM2YK3-RBex3np10UNDaxGEHLpkrcC8p7vx20Yz9Y7XLhIeTb5LpO5JkiMbb5yzWI8MCK6oQE-lO3N1KKQehwUUp3KiSABrcY7auc3bK2en3lPj6iZZWwuBIy4H4qJfPhBbHqs
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame C017 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:27 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
activeview
pagead2.googlesyndication.com/pcs/ Frame 874E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1t5GdRX4S3jfxBP9poUwrEdkNG5_QP5WlzB5YaF0IZJjAyA75kHhbxE2seycMAMfK2wsUg6vDxKq7sdRARYQm_fF-DJuZ5OxANvwHEiHoQAdeZkxb63di2hEu&sai=AMfl-YQ73l_NeEekFXLMd3ZlGWKEaGvKU5wL4UZJd3CrwQQGzhFc1zSjZDQ7EWiwofo79MenSNwS1PZnBxHRoLg4jskoNTg6k3Y4Bau-KNbgZXibsjxu828E-EIqEFhN&sig=Cg0ArKJSzOoWejzT2IqFEAE&cid=CAASJeRocPYmS3sjsBN8t7dl6fzfoBascpDK2cNjgYY4cIYNZsdg6us&id=lidar2&mcvt=1000&p=99,314,349,1284&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3131741070&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654705526932&rpt=169&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
khn.crowdad.io/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.44.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-44-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 08 Jun 2022 16:25:28 GMT
access-control-allow-credentials
true
content-length
0
events
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.44.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-44-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Wed, 08 Jun 2022 16:25:28 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A695 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.121 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 08 Jun 2022 16:25:29 GMT
server
Google Frontend
x-cloud-trace-context
066ce7add1992079be8088561a464b49
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
application/json
Referer
https://www.walla.co.il/
x-request-id
dc825bba-2c83-4fd2-b19b-0c320f9980eb
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
x-vad-version
0.5.29
Content-Type
application/json

Response headers

date
Wed, 08 Jun 2022 16:25:29 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
4faa576c445e2fe1860d8c9a06447a98
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 16:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 16:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1806415138199533&correlator=4090336088417297&eid=31067917%2C44761477%2C31065401%2C21065725%2C31064018&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cproducts_footer_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4&prev_iu_szs=120x600%7C160x600%2C970x90%7C970x250%7C970x550&ifi=17&adks=2273020715%2C2878636598&sfv=1-0-38&ecs=20220608&fsapi=false&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dproducts_footer_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie=ID%3Dc07c3b2962e6d216%3AT%3D1654705526%3AS%3DALNI_MZpGkJoTvT75c-Sdkd8f59DL-Whqg&abxe=1&dt=1654705529445&lmt=1654705529&dlt=1654705525814&idt=523&biw=1600&bih=1200&adxs=1480%2C315&adys=185%2C1039&ucis=h%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x0&msz=120x-1%7C970x0&fws=644%2C132&ohw=0%2C0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1330302847.1654705526&ga_sid=1654705526&ga_hid=102340873&ga_fc=true&btvi=0%7C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c62c8cb039d5156fcfb5af1e44505acba6f6f6d71f426f1c44bbfed8d8927704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18056
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 Jun 2022 16:25:29 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 Jun 2022 16:25:29 GMT
container.html
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E92 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:26 GMT
expires
Thu, 08 Jun 2023 16:25:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D893 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:26 GMT
expires
Thu, 08 Jun 2023 16:25:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 0E92 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcyAeec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT6AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhgyihtkh6zYmdEZ69y5XV0byW4FLgIVWyi8ydb10qrWfnFZcnAqrgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=ZZ1JCIU6LMs&uach_m=[UACH]&cid=CAQSPACNIrLMbqexvkHgr4fJGsMHt_RPnhI8iOIItc3vKW4WWyXs0EL316WOZSMLkJQ3Xt4joP3WtR6fiVLEbxgB
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 0E92 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k7-_E8Y1oAHYBJ2DYgICAAAARK0ooKDYpetTB8ac0wF3FhB5zaBiqZzkVawLPBbGRkUAEgAA&wp=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:29 GMT
server
Kestrel
server-processing-duration-in-ticks
180781
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5378 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3b49126715cea9a06fdfc3fa6131bf6fa70305a93c17ed021f3f659784b22085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:29 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=PUgmh2oQV1wa0SYKb-jlaKnstg1lAn-ceWPUU-9LsyB2UjY5NO0gcvknNL3nPDZDE9qttErL4K8xYCmGB-RqxyoCY5uX4H6L2uPwRGAQ39oK4dRq3M3CkmdJTmZQOderDWT1C1ImYEFU5xxfiPDoRyZpJnnRa8e4k31j79vhoEY4iqnYusVW2w1UW-eq9r-XLYpRSwd3eb-Uu6pDtQLWvwbuxEDtK6UDkzWxELiq1iruewbgyMq-EfoaL2xIYknml9msNQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5632182
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 0E92 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:22:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BB3D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 09 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E92 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43419
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654515382487150"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Jun 2022 16:25:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 0E92 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:21:04 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0E92 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 06:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 08 Jun 2023 06:30:05 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D554 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNW3uLFds7zJBm4APGmgWkcxXBemLD6SLFyrLKHd_PfDx2mYhvtp0qxukivEiXQaSKHR69FXzS9-AElD9O3k_27dE6t3HQ4AivSwAnjqPfZ-wIH4Ro38PkCPoDU9d9SQs6TvOyXubGYauP4o5HdSLIJzrLvJHj3-eQBJa2i8vKVJlMdTQ4I
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 16:25:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D893 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B81Cd8FMg9X0WOByWNxjxgcWgkHl0qD8igwtEbMTt65YHeEl21W4nDEFZLThRFbeTtV6r5VjCs4oWhsvJd-bCRlR2Vapu8dnVIZGFVvgdSp0h_9v5UwWh-ApC5WI9omCtFoTKckvo79ILF2Zkzo76CV8mLkg&dbm_d=AKAmf-BPOeqNMw0LxTI_IskVZsjZGZoXj5jGxM3UROXGW2jC_wGFbQYiJjKb7iuy5z_VeCtjBtT0b97rV7DDb0nUxlLEHFBo5zhckF82qX5x7AL6WNnz-kU8vgVyLAeFYBTTNViV1e-aIZY5on0YaRG5q-b9lTa3wje5m8jmK48jWTMr5X4HERjzeSq_FXb7NW-LTDq1cbfGk_tWDG5EQfTYFAMHagT55q5WAhzVuEozs-csUgkqe2P1kVYSHWllfGqX7R42yVX0UOJ-k3v6_ag7PBMA4CgmeRTxVLR4sZJFmHbHCh0kJmjYPHJwazDHcjjojF4qnrFTCp4UoWDLJR7i_c9EDCwUbi5XxppOcYF6GNVINov0U4jx8F272Ig2iGsIUdqRmaMcXYakSnYYlPzWInYICyYEf6RQbG2D47i_L9DxcuBgy5WtPbWgTUBHuoZzvW8V6jvhV8xzuAPYV6f4ZyeopamRO6ZSV1j_SV1lMVHRJZdoK0KqEj5MoO59BXXsaRkEmk6yyGs8O3KEsRC6kxJZBQLLiNizFGopUkvmNhzQZ74hgBL-RpfCVzwzwOity_n3QdAlcX323N0jffktSa11r26OS4kh_KWIC6aSADG0iw8AoX3zU009Iq6SGdD94GnweyzhorHrgTk1igTnUrD09FSH52iwgfGGin8vYXlER3xGV-O28gbjJsL_0VmX4mxxN5GjmyI7bVVh2uMkFhJsErfcNrKy7bLO4gk_Ul5D65x2lsw-arCKmJlMtbjZIwHrgmJlAl-60N-L6wura0W-iH_a782judC89tXryQzrHk3kvcf_34LIYJfcuQtOLaKQ75WzjBseQCMfN4elvPXcxhTxQCZq9Ocb_hQYQKiFhPtpVDyCd-pUUuQSivS6imZaJfSXQPBcU3LuEbAfuPjQrez4PIgFjdL3yIekRtQmhjda7rmq20cWVXtfvw8eVSBpsnioSwEosirTG4CxmaADioDrG1LNJ3F7ZBrkO-5IJGlNGERHWiK3lZ4Z_-EfVxxOjoXNXW7PwkSAeAjSol8H2Lmld43NSgr1p6aiQqzmLOCuyj9fVwsVJGXQGl7L6e4NCbh8Pk9JXuKNoeaAIz6k3vi4Uo1cWdi7FQ_SDxUeO5zjZRnhV0UD1A1Idyqqz7TK-dxSffCn4dveIEq1gri3HCZI8hI_mn3TIYZuZ07al7BO0QD_D0VsA2VBKk1fdhDtSDZzJlrnIkYoqKW7uwMGdz5k_9jL866bOzkwCO2TCquwDZKi-gZ8Kly63bVa90jjWqkN5di4H9vIjkj6KSP_XuRvkBTEx9D7XuXoTknBeP35z0V7LmeEMHYcqjFS0hV_wbyGaGi46BqhXRTrail3lmCYqW1eJAGXjUkxGZbN_iZ-oPdvscNiE_9lnPnUFZtHByl0Up1I6SRSEgOw-YaTFLbtFNVIZJZus3d4T9gAP_epHgwp84JpSh7ClBMEcPyM-QNdg-I6i0MSxoiVdglW0usogC5wn_33W0ybWghQjha9lSGdPA4c4C3nZLgoxrhFLD0ZIgebeRLYPAnFEYvG7r-gkR02tkNrTFCtgnlCA6Qj46IA-Mqg3rLI5cvbWldEHcKDt0q0RpwjZmcibK1A_giWQmnOqXiLC8IqGKfpowvzv4Xupfvvhh945-KK2xTLabvXjBDeL7M3F-ko6_haeTem40072vWbVN0HWwbYp2vV6Ss8_OQ9EmC2pvug4LZDmMwblT8DMTObrE_qg4pvENb-TrZPYDlCsyOUgizr_ZIk9DXQ_1iVagte5QNzs9V-HAHVVpSfAPrTss5nDUCC6NVh8U8xKhZmaOjW5L4Ylbx2Y3mZ8gd0Y5qKRgjafeKvhIMwivyKjn4R1xTCYCpo77OyVLIarg5gym09a7-HOdrkcD0NmtXKbUe-oY26anp3LLaE4AgvZRoD35cl_m1fl1T9EMBvUkCAfftuj3W7tLLh3HcBKLqQemO52JBRSd6ncGF2EU4kT363r4mwSEU6ihWaO8riB1QYCotjvZTAcxO7pmBmPYBQ2P7s0UjtkFySLYCgqL1jwKqoYdDIOyvA3RWKCAvWr8lRtGAgeLF1nA4KKY3Fj4pZ4z8CpO2iEMcREbCF5ZbRQPM1pTaisHLkyOWO5PAyH3iD6Uf5V7mD3HqV3Pje36sOMrGxNMGQT8tXEDb-bcUf7RURp_DDPqVJEDFXL6hQRy9eGtHTYMOLfOkHTFwyvXG-ndPLvPMyzfIzRcYQehSSs4vQ5HkKDKcAYIaCOZsu2wu4Bv5llEGoIdXjJXPmekcdHOZ3AcDCzsPSdEGj6yDyXYT1LoV9JmGv2H153Xpx4s5xKaf54G6UEI8QW3ecqpHvg6vCY8Ue5MUrxRzvbKf76q361-tqdtjsRDBxNgBBRTie7UWcohNUZDWJUHNokSbQ24pqf60QU9sS94xGQmI7pIPJj4zII0FC_Bd2sSG076gnGLOsUgqrSrtT1EtZQ0aX8DMgRlnmBTKFePYM1U2zfQiBFPkebUdMkwWwAXvbmEHTppUFSfqawWIUto66uEfjj4KShEXW_EO3hFFF0DbNp8swT7IP_IDXyVphtJGVpE1PnciGtnOu4v00QRWblOfY0rq_ElVlFVDthSNJxlT6ogKeeh9GTX9i6RppllLMVptF2gxCvLFCznQh8-_OjwR_TyCP_-CS4zQil2XI3kzdWOFWmSAh1RXWlbZt4P1PEOBo6WUFudqsZLz-cOixkD61yKhCBryC6Gb7hnw72gfcCb3EGt-ppXsFJgw7ueJ0twzOyJPdNzxwSWWEJMCn3kxCLan0UAYRxboAGe8YD8dlFYbBmGW_K2Q2iyhGKo1Rals2dpJES3gVQNxQ6szZPRG4SZ_CuFwAdgDe5q1ykB5yADaFkfK1IIgzZMY1GPDt5NeiZ87-Luond7-5Ji0QJeAqXXWjHpyeZFPEz9Y4NffSa0XNUPeOUlSqUtmx0MZqBRHCjbCC4AnZuWuoOeHIhNS7xir8EvGQCPWD0ZfjtrQJ9MCHtN4AzYGePDLB1dJk27U1TV0mQWV7coA4MX0kdRl-0fvLXNLQm-HqM1_d74ArUBB8bCGJlywRBiBzLPEt1A1MaJbRPkccFMyjX-n53FnzZQqhoSxHBZBNXGwCZxhw-jPxBR0jH-1Fk6pFAS7tdFPbx6tZfJJa7oiSpltCVegFqGNgEDOqQ1OglioJ4cgV9cfIlz93D15DV05meSVFLD478I6pctJzkc6n9iTqTimvRA7exidNtpBrX9XqMK3fCpkaD62mHFXvyoEwLa9nXMromlbnjyBr7gzrY4bRExMW6GLl4feKWDIr4uKzr8_7_oNfoIYqbnz1p1NDzvrHWI2V1yL5nlGjV6mOohR1EAf5hTpuFyUzkdr4rZ01I7eYvjztuWi0mr9X3j6_HxLzqt_TdSBozNilRe8Il1xIKrhJKXyhexqzXETsI1ATJVaq-x3jtD5lj9WW4RNpBAquXMr14VaGyU_vZCztEhRbyundZ2z7C2NFK_bJX1FAHjQVVf-V8VNUcja2KwZ5GQ&cid=CAASJeRoLT79ZhQo_NpbsLklYsliPEtYBbpi9xTZEwUiZEs-G4MQW28&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f75ab28c38a6686f3fd85b30d8d0dceccf98b0c51bc3d978a667a072c47650a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35673
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D893 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BnZHXd4y6FifnTEi2Z0eBgqV1WcP3TFvgjYKdufLkAxO0VE11VEbSbJiM2v6ewEwtoz6yrtM6Hjp62E9c3OBBEUGgbjZXqs73yOXtnQIfZeBcNsyA
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame D893 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:22:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D893 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43419
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654515382487150"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Jun 2022 16:25:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame D893 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:21:04 GMT
l
www.google.com/ads/measurement/ Frame D893 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMckfri8f12QWIkclfrr3XVf_uDJPF0acf8YPbTc9OB7Va51iDtRQbEQKEBydN7d4CYsMa1kfOTNSBqIQ3JfyFMJzPpg
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
dpixel
cms.quantserve.com/ Frame BB3D 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAWJcTo5j3JmzKFmsLWiE5I&google_cver=1&google_push=AYg5qPIIN_9PVCzKmMZ56whLk03ExlZQnNaifKz8kpcY6tnPb_5gkbymjKyvdIbz66OmtD3pbAViJhQ2trOeDQ05bqD_TN27k_Zo7Q
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
cm
a.rfihub.com/ Frame BB3D
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEO9UTGUO4x7Z9d9T7LKhRwE&google_cver=1&google_push=AYg5qPIRyWRKvdLziTW7thfice7UQT1qc272XUMOzpYsFpCW0hxbp88HMi1BLr6EWeYKCIZzDYZNfYT4x4RXiduuy5u8TvM...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIRyWRKvdLziTW7thfice7UQT1qc272XUMOzpYsFpCW0hxbp88HMi1BLr6EWeYKCIZzDYZNfYT4x4RXiduuy5u8TvMOGz5CYQ&google_hm=NDAwNjk1N...
  • https://a.rfihub.com/cm?pub=445&google_error=5
42 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&google_error=5
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 08 Jun 2022 16:25:30 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BB3D 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJjbD7VQEHM4R2gf3UBkXW4&google_cver=1&google_push=AYg5qPIX8u2mpo1D0Ney1nJfomnC_wTbmWRW2R6d6Nny7RCjTXwcKlW_Il0TGSgTYQiPNDaxwF_6oSou_2VPbdduvthPceiZCTSWzQ
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame BB3D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDV3Otpm1-mmJNGkU51xfj4&google_cver=1&google_push=AYg5qPIt292StbWv87Z7I2NYdNApELNADcqTkfF3n2eHwIbq-YrQCEXjmvI7g38sWoCgUs5d-HGIDKE7KfmbS8...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwNjkwNjEzMTU5NDAxNjkxOQ%3D%3D&google_push=AYg5qPIt292StbWv87Z7I2NYdNApELNADcqTkfF3n2eHwIbq-YrQCEXjmvI7g38sWoCgUs5d-HGIDKE7KfmbS8apD3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwNjkwNjEzMTU5NDAxNjkxOQ%3D%3D&google_push=AYg5qPIt292StbWv87Z7I2NYdNApELNADcqTkfF3n2eHwIbq-YrQCEXjmvI7g38sWoCgUs5d-HGIDKE7KfmbS8apD3CK0gXMlcpgcA
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwNjkwNjEzMTU5NDAxNjkxOQ%3D%3D&google_push=AYg5qPIt292StbWv87Z7I2NYdNApELNADcqTkfF3n2eHwIbq-YrQCEXjmvI7g38sWoCgUs5d-HGIDKE7KfmbS8apD3CK0gXMlcpgcA
Date
Wed, 08 Jun 2022 16:25:29 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
gg_pixel
sync.adaptv.advertising.com/ Frame BB3D 		0
0
pixel
cm.g.doubleclick.net/ Frame BB3D
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIHtTmBIZoGx3z_Q_YsH_zw&google_cver=1&google_push=AYg5qPL78-2j11Mt0C10j0Su_YV8AVZgcij3oJAk6Ib6wGMnbMz7bZq4_UCvEAYFHwMi6IgUoy-8tctmoZKrAsx-aJU9MhJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL78-2j11Mt0C10j0Su_YV8AVZgcij3oJAk6Ib6wGMnbMz7bZq4_UCvEAYFHwMi6IgUoy-8tctmoZKrAsx-aJU9MhJ_HPAumQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL78-2j11Mt0C10j0Su_YV8AVZgcij3oJAk6Ib6wGMnbMz7bZq4_UCvEAYFHwMi6IgUoy-8tctmoZKrAsx-aJU9MhJ_HPAumQ
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL78-2j11Mt0C10j0Su_YV8AVZgcij3oJAk6Ib6wGMnbMz7bZq4_UCvEAYFHwMi6IgUoy-8tctmoZKrAsx-aJU9MhJ_HPAumQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame BB3D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0YGxFQ8Vhwcz1kZ8QBYECs5fW6_6bgG37yqyAUarHfJsyu7T3Fzp8nCRCF79I6A
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame D554
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP80MhAAxxWbGMb2SQ8XJGI&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP80MhAAxxWbGMb2SQ8XJGI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNW3uLFds7zJBm4APGmgWkcxXBemLD6SLFyrLKHd_PfDx2mYhvtp0qxukivEiXQaSKHR69FXzS9-AElD9O3k_27dE6t3HQ4AivSwAnjqPfZ-wIH4Ro38PkCPoDU9d9SQs6TvOyXubGYauP4o5HdSLIJzrLvJHj3-eQBJa2i8vKVJlMdTQ4I
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP80MhAAxxWbGMb2SQ8XJGI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D554 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNW3uLFds7zJBm4APGmgWkcxXBemLD6SLFyrLKHd_PfDx2mYhvtp0qxukivEiXQaSKHR69FXzS9-AElD9O3k_27dE6t3HQ4AivSwAnjqPfZ-wIH4Ro38PkCPoDU9d9SQs6TvOyXubGYauP4o5HdSLIJzrLvJHj3-eQBJa2i8vKVJlMdTQ4I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame D554
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFWO3HTfYMrvZSKsTRsAGkQ&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFWO3HTfYMrvZSKsTRsAGkQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNW3uLFds7zJBm4APGmgWkcxXBemLD6SLFyrLKHd_PfDx2mYhvtp0qxukivEiXQaSKHR69FXzS9-AElD9O3k_27dE6t3HQ4AivSwAnjqPfZ-wIH4Ro38PkCPoDU9d9SQs6TvOyXubGYauP4o5HdSLIJzrLvJHj3-eQBJa2i8vKVJlMdTQ4I
Protocol
H2
Server
104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-106-130.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 08 Jun 2022 16:25:29 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFWO3HTfYMrvZSKsTRsAGkQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D554 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNW3uLFds7zJBm4APGmgWkcxXBemLD6SLFyrLKHd_PfDx2mYhvtp0qxukivEiXQaSKHR69FXzS9-AElD9O3k_27dE6t3HQ4AivSwAnjqPfZ-wIH4Ro38PkCPoDU9d9SQs6TvOyXubGYauP4o5HdSLIJzrLvJHj3-eQBJa2i8vKVJlMdTQ4I
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-106-130.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 08 Jun 2022 16:25:29 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
skeleton.js
fw.adsafeprotected.com/rjss/st/996673/61756196/ Frame D893 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/996673/61756196/skeleton.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.82.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-82-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
35c1f58a87d5cfeee55d31da54a7922a64dc1a565a7aacaf009b15b1daa77aae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D893 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Origin
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Jun 2022 11:09:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220606/r20110914/elements/html/ Frame D893 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220606/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B81Cd8FMg9X0WOByWNxjxgcWgkHl0qD8igwtEbMTt65YHeEl21W4nDEFZLThRFbeTtV6r5VjCs4oWhsvJd-bCRlR2Vapu8dnVIZGFVvgdSp0h_9v5UwWh-ApC5WI9omCtFoTKckvo79ILF2Zkzo76CV8mLkg&dbm_d=AKAmf-BPOeqNMw0LxTI_IskVZsjZGZoXj5jGxM3UROXGW2jC_wGFbQYiJjKb7iuy5z_VeCtjBtT0b97rV7DDb0nUxlLEHFBo5zhckF82qX5x7AL6WNnz-kU8vgVyLAeFYBTTNViV1e-aIZY5on0YaRG5q-b9lTa3wje5m8jmK48jWTMr5X4HERjzeSq_FXb7NW-LTDq1cbfGk_tWDG5EQfTYFAMHagT55q5WAhzVuEozs-csUgkqe2P1kVYSHWllfGqX7R42yVX0UOJ-k3v6_ag7PBMA4CgmeRTxVLR4sZJFmHbHCh0kJmjYPHJwazDHcjjojF4qnrFTCp4UoWDLJR7i_c9EDCwUbi5XxppOcYF6GNVINov0U4jx8F272Ig2iGsIUdqRmaMcXYakSnYYlPzWInYICyYEf6RQbG2D47i_L9DxcuBgy5WtPbWgTUBHuoZzvW8V6jvhV8xzuAPYV6f4ZyeopamRO6ZSV1j_SV1lMVHRJZdoK0KqEj5MoO59BXXsaRkEmk6yyGs8O3KEsRC6kxJZBQLLiNizFGopUkvmNhzQZ74hgBL-RpfCVzwzwOity_n3QdAlcX323N0jffktSa11r26OS4kh_KWIC6aSADG0iw8AoX3zU009Iq6SGdD94GnweyzhorHrgTk1igTnUrD09FSH52iwgfGGin8vYXlER3xGV-O28gbjJsL_0VmX4mxxN5GjmyI7bVVh2uMkFhJsErfcNrKy7bLO4gk_Ul5D65x2lsw-arCKmJlMtbjZIwHrgmJlAl-60N-L6wura0W-iH_a782judC89tXryQzrHk3kvcf_34LIYJfcuQtOLaKQ75WzjBseQCMfN4elvPXcxhTxQCZq9Ocb_hQYQKiFhPtpVDyCd-pUUuQSivS6imZaJfSXQPBcU3LuEbAfuPjQrez4PIgFjdL3yIekRtQmhjda7rmq20cWVXtfvw8eVSBpsnioSwEosirTG4CxmaADioDrG1LNJ3F7ZBrkO-5IJGlNGERHWiK3lZ4Z_-EfVxxOjoXNXW7PwkSAeAjSol8H2Lmld43NSgr1p6aiQqzmLOCuyj9fVwsVJGXQGl7L6e4NCbh8Pk9JXuKNoeaAIz6k3vi4Uo1cWdi7FQ_SDxUeO5zjZRnhV0UD1A1Idyqqz7TK-dxSffCn4dveIEq1gri3HCZI8hI_mn3TIYZuZ07al7BO0QD_D0VsA2VBKk1fdhDtSDZzJlrnIkYoqKW7uwMGdz5k_9jL866bOzkwCO2TCquwDZKi-gZ8Kly63bVa90jjWqkN5di4H9vIjkj6KSP_XuRvkBTEx9D7XuXoTknBeP35z0V7LmeEMHYcqjFS0hV_wbyGaGi46BqhXRTrail3lmCYqW1eJAGXjUkxGZbN_iZ-oPdvscNiE_9lnPnUFZtHByl0Up1I6SRSEgOw-YaTFLbtFNVIZJZus3d4T9gAP_epHgwp84JpSh7ClBMEcPyM-QNdg-I6i0MSxoiVdglW0usogC5wn_33W0ybWghQjha9lSGdPA4c4C3nZLgoxrhFLD0ZIgebeRLYPAnFEYvG7r-gkR02tkNrTFCtgnlCA6Qj46IA-Mqg3rLI5cvbWldEHcKDt0q0RpwjZmcibK1A_giWQmnOqXiLC8IqGKfpowvzv4Xupfvvhh945-KK2xTLabvXjBDeL7M3F-ko6_haeTem40072vWbVN0HWwbYp2vV6Ss8_OQ9EmC2pvug4LZDmMwblT8DMTObrE_qg4pvENb-TrZPYDlCsyOUgizr_ZIk9DXQ_1iVagte5QNzs9V-HAHVVpSfAPrTss5nDUCC6NVh8U8xKhZmaOjW5L4Ylbx2Y3mZ8gd0Y5qKRgjafeKvhIMwivyKjn4R1xTCYCpo77OyVLIarg5gym09a7-HOdrkcD0NmtXKbUe-oY26anp3LLaE4AgvZRoD35cl_m1fl1T9EMBvUkCAfftuj3W7tLLh3HcBKLqQemO52JBRSd6ncGF2EU4kT363r4mwSEU6ihWaO8riB1QYCotjvZTAcxO7pmBmPYBQ2P7s0UjtkFySLYCgqL1jwKqoYdDIOyvA3RWKCAvWr8lRtGAgeLF1nA4KKY3Fj4pZ4z8CpO2iEMcREbCF5ZbRQPM1pTaisHLkyOWO5PAyH3iD6Uf5V7mD3HqV3Pje36sOMrGxNMGQT8tXEDb-bcUf7RURp_DDPqVJEDFXL6hQRy9eGtHTYMOLfOkHTFwyvXG-ndPLvPMyzfIzRcYQehSSs4vQ5HkKDKcAYIaCOZsu2wu4Bv5llEGoIdXjJXPmekcdHOZ3AcDCzsPSdEGj6yDyXYT1LoV9JmGv2H153Xpx4s5xKaf54G6UEI8QW3ecqpHvg6vCY8Ue5MUrxRzvbKf76q361-tqdtjsRDBxNgBBRTie7UWcohNUZDWJUHNokSbQ24pqf60QU9sS94xGQmI7pIPJj4zII0FC_Bd2sSG076gnGLOsUgqrSrtT1EtZQ0aX8DMgRlnmBTKFePYM1U2zfQiBFPkebUdMkwWwAXvbmEHTppUFSfqawWIUto66uEfjj4KShEXW_EO3hFFF0DbNp8swT7IP_IDXyVphtJGVpE1PnciGtnOu4v00QRWblOfY0rq_ElVlFVDthSNJxlT6ogKeeh9GTX9i6RppllLMVptF2gxCvLFCznQh8-_OjwR_TyCP_-CS4zQil2XI3kzdWOFWmSAh1RXWlbZt4P1PEOBo6WUFudqsZLz-cOixkD61yKhCBryC6Gb7hnw72gfcCb3EGt-ppXsFJgw7ueJ0twzOyJPdNzxwSWWEJMCn3kxCLan0UAYRxboAGe8YD8dlFYbBmGW_K2Q2iyhGKo1Rals2dpJES3gVQNxQ6szZPRG4SZ_CuFwAdgDe5q1ykB5yADaFkfK1IIgzZMY1GPDt5NeiZ87-Luond7-5Ji0QJeAqXXWjHpyeZFPEz9Y4NffSa0XNUPeOUlSqUtmx0MZqBRHCjbCC4AnZuWuoOeHIhNS7xir8EvGQCPWD0ZfjtrQJ9MCHtN4AzYGePDLB1dJk27U1TV0mQWV7coA4MX0kdRl-0fvLXNLQm-HqM1_d74ArUBB8bCGJlywRBiBzLPEt1A1MaJbRPkccFMyjX-n53FnzZQqhoSxHBZBNXGwCZxhw-jPxBR0jH-1Fk6pFAS7tdFPbx6tZfJJa7oiSpltCVegFqGNgEDOqQ1OglioJ4cgV9cfIlz93D15DV05meSVFLD478I6pctJzkc6n9iTqTimvRA7exidNtpBrX9XqMK3fCpkaD62mHFXvyoEwLa9nXMromlbnjyBr7gzrY4bRExMW6GLl4feKWDIr4uKzr8_7_oNfoIYqbnz1p1NDzvrHWI2V1yL5nlGjV6mOohR1EAf5hTpuFyUzkdr4rZ01I7eYvjztuWi0mr9X3j6_HxLzqt_TdSBozNilRe8Il1xIKrhJKXyhexqzXETsI1ATJVaq-x3jtD5lj9WW4RNpBAquXMr14VaGyU_vZCztEhRbyundZ2z7C2NFK_bJX1FAHjQVVf-V8VNUcja2KwZ5GQ&cid=CAASJeRoLT79ZhQo_NpbsLklYsliPEtYBbpi9xTZEwUiZEs-G4MQW28&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:18:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220606/r20110914/ Frame D893 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220606/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B81Cd8FMg9X0WOByWNxjxgcWgkHl0qD8igwtEbMTt65YHeEl21W4nDEFZLThRFbeTtV6r5VjCs4oWhsvJd-bCRlR2Vapu8dnVIZGFVvgdSp0h_9v5UwWh-ApC5WI9omCtFoTKckvo79ILF2Zkzo76CV8mLkg&dbm_d=AKAmf-BPOeqNMw0LxTI_IskVZsjZGZoXj5jGxM3UROXGW2jC_wGFbQYiJjKb7iuy5z_VeCtjBtT0b97rV7DDb0nUxlLEHFBo5zhckF82qX5x7AL6WNnz-kU8vgVyLAeFYBTTNViV1e-aIZY5on0YaRG5q-b9lTa3wje5m8jmK48jWTMr5X4HERjzeSq_FXb7NW-LTDq1cbfGk_tWDG5EQfTYFAMHagT55q5WAhzVuEozs-csUgkqe2P1kVYSHWllfGqX7R42yVX0UOJ-k3v6_ag7PBMA4CgmeRTxVLR4sZJFmHbHCh0kJmjYPHJwazDHcjjojF4qnrFTCp4UoWDLJR7i_c9EDCwUbi5XxppOcYF6GNVINov0U4jx8F272Ig2iGsIUdqRmaMcXYakSnYYlPzWInYICyYEf6RQbG2D47i_L9DxcuBgy5WtPbWgTUBHuoZzvW8V6jvhV8xzuAPYV6f4ZyeopamRO6ZSV1j_SV1lMVHRJZdoK0KqEj5MoO59BXXsaRkEmk6yyGs8O3KEsRC6kxJZBQLLiNizFGopUkvmNhzQZ74hgBL-RpfCVzwzwOity_n3QdAlcX323N0jffktSa11r26OS4kh_KWIC6aSADG0iw8AoX3zU009Iq6SGdD94GnweyzhorHrgTk1igTnUrD09FSH52iwgfGGin8vYXlER3xGV-O28gbjJsL_0VmX4mxxN5GjmyI7bVVh2uMkFhJsErfcNrKy7bLO4gk_Ul5D65x2lsw-arCKmJlMtbjZIwHrgmJlAl-60N-L6wura0W-iH_a782judC89tXryQzrHk3kvcf_34LIYJfcuQtOLaKQ75WzjBseQCMfN4elvPXcxhTxQCZq9Ocb_hQYQKiFhPtpVDyCd-pUUuQSivS6imZaJfSXQPBcU3LuEbAfuPjQrez4PIgFjdL3yIekRtQmhjda7rmq20cWVXtfvw8eVSBpsnioSwEosirTG4CxmaADioDrG1LNJ3F7ZBrkO-5IJGlNGERHWiK3lZ4Z_-EfVxxOjoXNXW7PwkSAeAjSol8H2Lmld43NSgr1p6aiQqzmLOCuyj9fVwsVJGXQGl7L6e4NCbh8Pk9JXuKNoeaAIz6k3vi4Uo1cWdi7FQ_SDxUeO5zjZRnhV0UD1A1Idyqqz7TK-dxSffCn4dveIEq1gri3HCZI8hI_mn3TIYZuZ07al7BO0QD_D0VsA2VBKk1fdhDtSDZzJlrnIkYoqKW7uwMGdz5k_9jL866bOzkwCO2TCquwDZKi-gZ8Kly63bVa90jjWqkN5di4H9vIjkj6KSP_XuRvkBTEx9D7XuXoTknBeP35z0V7LmeEMHYcqjFS0hV_wbyGaGi46BqhXRTrail3lmCYqW1eJAGXjUkxGZbN_iZ-oPdvscNiE_9lnPnUFZtHByl0Up1I6SRSEgOw-YaTFLbtFNVIZJZus3d4T9gAP_epHgwp84JpSh7ClBMEcPyM-QNdg-I6i0MSxoiVdglW0usogC5wn_33W0ybWghQjha9lSGdPA4c4C3nZLgoxrhFLD0ZIgebeRLYPAnFEYvG7r-gkR02tkNrTFCtgnlCA6Qj46IA-Mqg3rLI5cvbWldEHcKDt0q0RpwjZmcibK1A_giWQmnOqXiLC8IqGKfpowvzv4Xupfvvhh945-KK2xTLabvXjBDeL7M3F-ko6_haeTem40072vWbVN0HWwbYp2vV6Ss8_OQ9EmC2pvug4LZDmMwblT8DMTObrE_qg4pvENb-TrZPYDlCsyOUgizr_ZIk9DXQ_1iVagte5QNzs9V-HAHVVpSfAPrTss5nDUCC6NVh8U8xKhZmaOjW5L4Ylbx2Y3mZ8gd0Y5qKRgjafeKvhIMwivyKjn4R1xTCYCpo77OyVLIarg5gym09a7-HOdrkcD0NmtXKbUe-oY26anp3LLaE4AgvZRoD35cl_m1fl1T9EMBvUkCAfftuj3W7tLLh3HcBKLqQemO52JBRSd6ncGF2EU4kT363r4mwSEU6ihWaO8riB1QYCotjvZTAcxO7pmBmPYBQ2P7s0UjtkFySLYCgqL1jwKqoYdDIOyvA3RWKCAvWr8lRtGAgeLF1nA4KKY3Fj4pZ4z8CpO2iEMcREbCF5ZbRQPM1pTaisHLkyOWO5PAyH3iD6Uf5V7mD3HqV3Pje36sOMrGxNMGQT8tXEDb-bcUf7RURp_DDPqVJEDFXL6hQRy9eGtHTYMOLfOkHTFwyvXG-ndPLvPMyzfIzRcYQehSSs4vQ5HkKDKcAYIaCOZsu2wu4Bv5llEGoIdXjJXPmekcdHOZ3AcDCzsPSdEGj6yDyXYT1LoV9JmGv2H153Xpx4s5xKaf54G6UEI8QW3ecqpHvg6vCY8Ue5MUrxRzvbKf76q361-tqdtjsRDBxNgBBRTie7UWcohNUZDWJUHNokSbQ24pqf60QU9sS94xGQmI7pIPJj4zII0FC_Bd2sSG076gnGLOsUgqrSrtT1EtZQ0aX8DMgRlnmBTKFePYM1U2zfQiBFPkebUdMkwWwAXvbmEHTppUFSfqawWIUto66uEfjj4KShEXW_EO3hFFF0DbNp8swT7IP_IDXyVphtJGVpE1PnciGtnOu4v00QRWblOfY0rq_ElVlFVDthSNJxlT6ogKeeh9GTX9i6RppllLMVptF2gxCvLFCznQh8-_OjwR_TyCP_-CS4zQil2XI3kzdWOFWmSAh1RXWlbZt4P1PEOBo6WUFudqsZLz-cOixkD61yKhCBryC6Gb7hnw72gfcCb3EGt-ppXsFJgw7ueJ0twzOyJPdNzxwSWWEJMCn3kxCLan0UAYRxboAGe8YD8dlFYbBmGW_K2Q2iyhGKo1Rals2dpJES3gVQNxQ6szZPRG4SZ_CuFwAdgDe5q1ykB5yADaFkfK1IIgzZMY1GPDt5NeiZ87-Luond7-5Ji0QJeAqXXWjHpyeZFPEz9Y4NffSa0XNUPeOUlSqUtmx0MZqBRHCjbCC4AnZuWuoOeHIhNS7xir8EvGQCPWD0ZfjtrQJ9MCHtN4AzYGePDLB1dJk27U1TV0mQWV7coA4MX0kdRl-0fvLXNLQm-HqM1_d74ArUBB8bCGJlywRBiBzLPEt1A1MaJbRPkccFMyjX-n53FnzZQqhoSxHBZBNXGwCZxhw-jPxBR0jH-1Fk6pFAS7tdFPbx6tZfJJa7oiSpltCVegFqGNgEDOqQ1OglioJ4cgV9cfIlz93D15DV05meSVFLD478I6pctJzkc6n9iTqTimvRA7exidNtpBrX9XqMK3fCpkaD62mHFXvyoEwLa9nXMromlbnjyBr7gzrY4bRExMW6GLl4feKWDIr4uKzr8_7_oNfoIYqbnz1p1NDzvrHWI2V1yL5nlGjV6mOohR1EAf5hTpuFyUzkdr4rZ01I7eYvjztuWi0mr9X3j6_HxLzqt_TdSBozNilRe8Il1xIKrhJKXyhexqzXETsI1ATJVaq-x3jtD5lj9WW4RNpBAquXMr14VaGyU_vZCztEhRbyundZ2z7C2NFK_bJX1FAHjQVVf-V8VNUcja2KwZ5GQ&cid=CAASJeRoLT79ZhQo_NpbsLklYsliPEtYBbpi9xTZEwUiZEs-G4MQW28&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10548
x-xss-protection
0
server
cafe
etag
12800787445863738695
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:18:07 GMT
truncated
/ Frame 0E92 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82a1dd321399f040d4f4e4d3895d395806fbac9ed34216b9b89c01e5091e795b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5378 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Jun 2023 16:25:30 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5378 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Jun 2023 16:25:30 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5378 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 03 Jun 2023 16:25:30 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5378 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 03 Jun 2023 16:25:30 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5378 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=EZHg487HvS5WAeFO554MlAwQHHY3J1hr2vY6wbab1XN2KgxiAso6MnBAzIfsoHcvnNj9bQ_JyqZRpc9Qbful6jPTSffPbbRwhSDFVI4m0a5zN_4rGLgdBdRoWdicrpaiNXVo_iU91KHX7fRZ3k6ApV5ULy2Y6L2SmKLumoI17yCGIYQTOqfTa1RkRGmj8GHOnK6z6XFEMyiEzD8A3p_oaTQqnswj-5s5HAisX6HBx9c95zIEV1-Ub4U2mh8q1X0qchRDb1coEMhrLQurKPJ8zn5Qhkc2uiPw2QuDIslSCvONw-NUUziT266noEQznd_V5iW7O7MPNEgpDbgLtXSVsU2cWU5goABW4uTkt6KZjLXGd0fOg71tVo8X1tZqwduhLoeGjqL_M5FctRilIa6-HTQi-MW28Rlu7PIkR5boZEIUMi98bimHa7y1_yR_9Wu31oWKLw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2959043
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
61e58b66136248839f355c52b30bfca3_image_ad_160x600.png
static.criteo.net/design/dt/85689/220527/ Frame 5378 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85689/220527/61e58b66136248839f355c52b30bfca3_image_ad_160x600.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
01cf372e83b00fc554a94e10978637bb144f5689028e91ad5f8bf5f0cf2c7fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
last-modified
Fri, 27 May 2022 07:59:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"629084f6-13d3f"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
81215
expires
Sat, 03 Jun 2023 16:25:30 GMT
all
csm.eu.criteo.net/ Frame 5378 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=PUgmh2oQV1wa0SYKb-jlaKnstg1lAn-ceWPUU-9LsyB2UjY5NO0gcvknNL3nPDZDE9qttErL4K8xYCmGB-RqxyoCY5uX4H6L2uPwRGAQ39oK4dRq3M3CkmdJTmZQOderDWT1C1ImYEFU5xxfiPDoRyZpJnnRa8e4k31j79vhoEY4iqnYusVW2w1UW-eq9r-XLYpRSwd3eb-Uu6pDtQLWvwbuxEDtK6UDkzWxELiq1iruewbgyMq-EfoaL2xIYknml9msNQ&sds=2&rev=81696&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 Jun 2022 16:25:29 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5378 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Jun 2023 16:25:30 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5378 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Jun 2023 16:25:30 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D893 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 06:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 06:30:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D660 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37906
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 09 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D893 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56ed33d6b08b832803d71b593a674bc6d0fa82d81715a7ca12ec9a034d60a168

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/5312082482335462639/ Frame C8FB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a964d3ee57d64c5dfc1c04cadb738f8f6f87ede99e443201afa1715ac196b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
601347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1888
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 17:23:03 GMT
expires
Thu, 01 Jun 2023 17:23:03 GMT
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D893 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupJJVnsCJbkEHMCaQRVPX-8LzYYVUwQ85tANQcHGLeVshjmhVfQiP7VVfaUsFLhXZv4n2PRgDRlTGYB_QMm5s7WksO4NdF-m8wwJ6buBMk2AZQcT-_i_hCxElE4pHyEcP2vNxguN6dyeWHsVVGEp8mYYbjHDJfEHxyIQTfZI-o7_-bSMlNsZZIAhKI4q1uAfdU2f7L3FcpgM_tzAATW2e6s82Q_8iUbz9aNrXBp1d0p51t_GZqmr_xmdcEa6Ywg17tHPkMYkg7zu0VLApoUwQxR78K6ZabPfZMKzGmxBhqvXmgdTF9B5271TaImK0qPubXYpmbm7ve5939W2UGBzI-tZlZAVcrdP10g17Wb9PGF-88ef3WiDJEkYjy5JY68YhE6yZHKlrlVc0ZPxRDr1cmLQ6ouc3FdA6sykCEqFKSZ5SIgHnwW21nEhH6u5BDHsdnglKHwqvvXcJfSidKBTv-XOSr3ZOwjr9edDQP4WSvEnw_jdG0-F8WFoeoNMn63HdD68p3C57ZG-kC856ob3CqCNsbhArVYoXHv9qfwOV5s5TqNj7_J8If51PO-QIWkM2K6V9m2lDOHI8M41n_ci2OzuyBrI8F1nT36ivuHl4YmyQ6h4vA4ryix3o1KH3QMLrnQdcE8YQO3txRcpGxJyQodgaGwMEYjEE4saZqVUCeGav024LiMJqK8snndUHZnZGl3fHaksPPvpBJfcXEBeQ8Lm88G-eZHjktw1U17x6GXiRwOvogVP4wB_3QGQQT1-yfkF4AoUy2ml92iloz6Obp14ffIgL6zJUSUK9OjjBQZ2cvHHqiTfcuU_-Lw5b9AtPzUkUjFSvl0kKckxj-xZiqViVTPyoJpTy2mpoXq7U2zbaXpF9Ey7xAt99eXdqqbN5_KBPaXICP__LtVH1BONil7LebOCtXAlHaWVrN1ABj2CIJnDfy8YSeKiqJtdzMrb-asaxEmlzDIRw9IBlQhPjvlV5QFSJ_nesUh67T51XTt-YkgWIEtWwysJ-_5GDS9tLVC45UVR1VPVZQ5-CJGpUaGtaN4qWh6sgd-QkdvAMG717uq_DCVWYvqY0Gv31zFd8XtDa_6BJxYP3nmQ0xQBgWothJmKUa3URSce3UBw5Muy6JvbOKVVWolmCGs51TWTfomO2uaHz4eGNfSFnu-CwDHDpsBVXnH6ongrJYT4j5utoF0xWg9vLygPH9pGYZIXHh-E_pbU2hS5SzVgKKCdt9&sai=AMfl-YTVaAAuT-tFR-3hHySUmSDgeN9FlG9BfR1ARhzsk6KdbU69d6jwzNdXE_xvSkPfqwXjlhhzJA5GlwT_a4BxKlDxCA2TsDmw5GlJ7sClJyijG93p30CS2AKUA-6R5wADcOqba2NYe-k5XrIvg40pXMnMF_rhqxMHyqhHNC2XGnmB7IhN97bRBdaR9GfylLcQORdVZauQ4PAuYwFr-rgFowx1&sig=Cg0ArKJSzN76SDmU1UYyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=72&cbvp=1&cstd=70&cisv=r20220606.63906&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 08 Jun 2022 16:25:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C67F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 06:30:05 GMT
expires
Thu, 08 Jun 2023 06:30:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D660
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAgRiagbVJxwIezMW6PUyxU&google_cver=1&google_push=AYg5qPKvukU2bi8NqSBBw3YS_bke_1bxqz9nEdlkN_DkQ0ISudx63EbTcGvc7isyaSNIe44sqJ9E6UDgqNRZroWR_X1-3lFUODU
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI5MDYyOTczNDM5MzU1NTQ2OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAgRiagbVJxwIezMW6PUyxU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAgRiagbVJxwIezMW6PUyxU&google_cver=1
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAgRiagbVJxwIezMW6PUyxU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D660
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAASOsoRuu6n3YhRk6D0Shs&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAASOsoRuu6n3YhRk6D0Shs&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXZKY1hHSU4xTllZdVM1&google_gid=CAESEAASOsoRuu6n3YhRk6D0Shs&google_cver=1&google_push=AYg5qPLEiLE8samWvQNz2dtobKeVb9oxazf6SFiwJWPEiXV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXZKY1hHSU4xTllZdVM1&google_gid=CAESEAASOsoRuu6n3YhRk6D0Shs&google_cver=1&google_push=AYg5qPLEiLE8samWvQNz2dtobKeVb9oxazf6SFiwJWPEiXVYT80TAzUFzs3VzvrUw2OEwNXWO0xdle8s9FCruLAT11XkCnnlIC86
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:29 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-0bda8cfa256b80e63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXZKY1hHSU4xTllZdVM1&google_gid=CAESEAASOsoRuu6n3YhRk6D0Shs&google_cver=1&google_push=AYg5qPLEiLE8samWvQNz2dtobKeVb9oxazf6SFiwJWPEiXVYT80TAzUFzs3VzvrUw2OEwNXWO0xdle8s9FCruLAT11XkCnnlIC86
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D660 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJjbD7VQEHM4R2gf3UBkXW4&google_cver=1&google_push=AYg5qPL4JN4bPjydch0OfS_9G1ryhYyFX7HhTfl9L3wR5wuOv3xwTViaFvrShwqlshlEuTjenRl_RwWu_c-WImARkPO7Zb4rchwc
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame D660
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEB-KXyZ6rl9OYY0Acl8iNBI&google_cver=1&google_push=AYg5qPKvLWt7DiawiLwQeXy0v6fABndEqut5aO1zZVcjlhJyH4_BO6bYd_AV3NDQZVyQDTNuk19GHLcdaNp...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKvLWt7DiawiLwQeXy0v6fABndEqut5aO1zZVcjlhJyH4_BO6bYd_AV3NDQZVyQDTNuk19GHLcdaNpI0Je-5LD-HJrznbSm&google_hm=Y5dCvx4GQPOhluCWYIOOugo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKvLWt7DiawiLwQeXy0v6fABndEqut5aO1zZVcjlhJyH4_BO6bYd_AV3NDQZVyQDTNuk19GHLcdaNpI0Je-5LD-HJrznbSm&google_hm=Y5dCvx4GQPOhluCWYIOOugo
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:29 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKvLWt7DiawiLwQeXy0v6fABndEqut5aO1zZVcjlhJyH4_BO6bYd_AV3NDQZVyQDTNuk19GHLcdaNpI0Je-5LD-HJrznbSm&google_hm=Y5dCvx4GQPOhluCWYIOOugo
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D660
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK5JsnCOP5rfBPNV8Aj7quA&google_cver=1&google_push=AYg5qPKXy4yQK-k8GsskUODX6B1JLsas5gF6lAPPIrOdHjm2NQZ-mpPEML1DUBaaiFHJSzTRRTHUOZuI...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY4MTMwMzMxNzgyMzE4MDE2Nw&google_push=AYg5qPKXy4yQK-k8GsskUODX6B1JLsas5gF6lAPPIrOdHjm2NQZ-mpPEML1DUBaaiFHJSzTRRTHUOZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY4MTMwMzMxNzgyMzE4MDE2Nw&google_push=AYg5qPKXy4yQK-k8GsskUODX6B1JLsas5gF6lAPPIrOdHjm2NQZ-mpPEML1DUBaaiFHJSzTRRTHUOZuI1K7dbr8oZmcnZFL61mTS
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY4MTMwMzMxNzgyMzE4MDE2Nw&google_push=AYg5qPKXy4yQK-k8GsskUODX6B1JLsas5gF6lAPPIrOdHjm2NQZ-mpPEML1DUBaaiFHJSzTRRTHUOZuI1K7dbr8oZmcnZFL61mTS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D660
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECw8I5X66NCLBET_SiNSidw&google_cver=1&google_push=AYg5qPK0y9IITHjLKIFUCodf6nCa9O71srx1XlSUU24quzekIlez2rDtHae99uRTrZsiBRmZXTlv3wsqI4Wa...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPK0y9IITHjLKIFUCodf6nCa9O71srx1XlSUU24quzekIlez2rDtHae99uRTrZsiBRmZXTlv3wsqI4WapmsZgKyvsSaiYMY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPK0y9IITHjLKIFUCodf6nCa9O71srx1XlSUU24quzekIlez2rDtHae99uRTrZsiBRmZXTlv3wsqI4WapmsZgKyvsSaiYMY
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPK0y9IITHjLKIFUCodf6nCa9O71srx1XlSUU24quzekIlez2rDtHae99uRTrZsiBRmZXTlv3wsqI4WapmsZgKyvsSaiYMY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame D660
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECw8I5X66NCLBET_SiNSidw&google_cver=1&google_push=AYg5qPK9DmGL87ub8HAFPhpYWp_kH4cgmMsbhPUaGtSBzpedSyiDFLOJpLOSrdPunt-fsQlLrQzV1V8n8ZP...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPK9DmGL87ub8HAFPhpYWp_kH4cgmMsbhPUaGtSBzpedSyiDFLOJpLOSrdPunt-fsQlLrQzV1V8n8ZPDZAbIepy7zjvAEqOQjA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D660 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2CerFXRD2sVzWsprZCrKlidsRQNNN0ZhjSrv_Cn4vXgAUhTIJYbv6l0HjYVyuKlvXeRMgEw
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
style.css
s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/ Frame C8FB 		3 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4e05219a918031b351cbbf52978d47b5bb356d33ed2a84e783b76d54159c5d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
787
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame C8FB 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5050034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33534
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c274"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXGiesc9EICJeCrrlaH9wkIWRokXfjNfKM0trqqboyz%2FsuWO7%2BZovY12Vsbl1FlRi378va0HbWioWLKKeuMM6wtxrOpM0X2RiR1HlrUVhlBTrsG0uZthY88eesTXMtKBnD%2FqwdyQ%2FzDAOB3Iig1mzMcj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7182fbdb4df601df-ZRH
expires
Mon, 29 May 2023 16:25:30 GMT
main.js
s0.2mdn.net/sadbundle/5312082482335462639/javascripts/ Frame C8FB 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/javascripts/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81366b8d555eac429c5b14198573523f55757a94d93d60c83980d38c00225e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1088
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
pagead2.googlesyndication.com/bg/ Frame C67F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
23222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13857
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 09:58:28 GMT
bg.jpg
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		315 KB
315 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad3020772c580601a51fa9053ce4ca8155c12db4fc08d125852f951d30596fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
322422
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push0.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2488b6c3e67b8ec04994779823578a5d7b74a0d814bdee7049a62e9ec97166cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3175
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push1.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bd7df5c99615e79a156eb2e81f6f6f0ff72ed5085b80d95c2f88f7160f80304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3213
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
bg1b.jpg
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		196 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/bg1b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e52b26b48dad0ceba58fabaa61a50167088c658243866f4356e85df897f5e7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201134
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push2.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07c4280af0101109ac899ccd91d9b539d927fe58ae715fdb58617aa54ca2bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4191
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
logo_intro.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/logo_intro.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1671067cd3dbc4d9bd94120e1f24ce195123451fa87547713a272485f9c34a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
bg2.jpg
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/bg2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9b946481c32f4369373d2e4a287d25404305f730eaf798f4355846d597f8f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
171571
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
bg2b.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/bg2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f96c607e65e9265b8426aa1e30a0c7fa19dcfe5147a488c985df06787b10b61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
178089
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push3.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efeed59204d2eb15bc97b127681e3cfe55684a996433151d37dbe0550a89a505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3879
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
bg3.jpg
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		400 KB
400 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/bg3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ea717cca2b878742523fac75fe0037c265e93eb6a96057e685bc411ff833046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
409724
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
bg3b.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		264 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/bg3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a7e36aaa9181f128dfc877190a075b2bc236dbbd0662833b6def460e16d09fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
269855
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push4.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6eb002be030feee5606908eda31af0f2fc5e9cfb811c12d233d42245606ea3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4171
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push6.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0258b9d875d5ae4c5d76ccc1a60327957fb59c70a38528c4ed5c896f6caa78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2011
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push6b.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push6b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d355d98734b9724ce1261cf64834e3257c32c5130992c3aebdd84c8e4133aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30226
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push6c.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push6c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f0a2702bff0e0c90397d6d2e4f4aba9656e38bea1063ad88935ba676511df16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3296
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push6d.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push6d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adf5e7c37f8621ab815d3b78f9f7fe3da104218bac09111b06ece7e1e17b0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2123
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
push7.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/push7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f11172b57df67c7b2e272803e6e949fafd06fc5aeabda8fb4c2563f67f3d645f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3225
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
cta.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e4f4bcbfca2de071c3d74e3aae1ab2c4df2533bea9bc5cbf0d1059f8c0512af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2287
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
arrow.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/arrow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9c5debd991646f8914a934d73a168313f43a10e008c90543525f82c26071bb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1414
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
cta_hover.png
s0.2mdn.net/sadbundle/5312082482335462639/images/ Frame C8FB 		99 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5312082482335462639/images/cta_hover.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5312082482335462639/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:23:03 GMT
x-content-type-options
nosniff
age
601347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:37:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:23:03 GMT
main.gr.19.8.316.js
static.adsafeprotected.com/ Frame D893 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.316.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/996673/61756196/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac9735bf2e45c6a7e0813911d309bc736b93daada029937eba6b4225e3ac6934

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 18:53:49 GMT
content-encoding
gzip
age
423102
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 03 Jun 2022 16:33:05 GMT
server
AmazonS3
etag
W/"4d520be62bef0cc0d7164fce2525c327"
vary
Accept-Encoding
x-amz-version-id
OpNA3YhBEsD2NkM7cHthafiM7bqSj2wQ
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
OyfOpSjHJsDds1ql6uKzpVBrkxc945QBPzWQEC8t2qBgYSa26TytGw==
view
googleads4.g.doubleclick.net/pcs/ Frame D893 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupJJVnsCJbkEHMCaQRVPX-8LzYYVUwQ85tANQcHGLeVshjmhVfQiP7VVfaUsFLhXZv4n2PRgDRlTGYB_QMm5s7WksO4NdF-m8wwJ6buBMk2AZQcT-_i_hCxElE4pHyEcP2vNxguN6dyeWHsVVGEp8mYYbjHDJfEHxyIQTfZI-o7_-bSMlNsZZIAhKI4q1uAfdU2f7L3FcpgM_tzAATW2e6s82Q_8iUbz9aNrXBp1d0p51t_GZqmr_xmdcEa6Ywg17tHPkMYkg7zu0VLApoUwQxR78K6ZabPfZMKzGmxBhqvXmgdTF9B5271TaImK0qPubXYpmbm7ve5939W2UGBzI-tZlZAVcrdP10g17Wb9PGF-88ef3WiDJEkYjy5JY68YhE6yZHKlrlVc0ZPxRDr1cmLQ6ouc3FdA6sykCEqFKSZ5SIgHnwW21nEhH6u5BDHsdnglKHwqvvXcJfSidKBTv-XOSr3ZOwjr9edDQP4WSvEnw_jdG0-F8WFoeoNMn63HdD68p3C57ZG-kC856ob3CqCNsbhArVYoXHv9qfwOV5s5TqNj7_J8If51PO-QIWkM2K6V9m2lDOHI8M41n_ci2OzuyBrI8F1nT36ivuHl4YmyQ6h4vA4ryix3o1KH3QMLrnQdcE8YQO3txRcpGxJyQodgaGwMEYjEE4saZqVUCeGav024LiMJqK8snndUHZnZGl3fHaksPPvpBJfcXEBeQ8Lm88G-eZHjktw1U17x6GXiRwOvogVP4wB_3QGQQT1-yfkF4AoUy2ml92iloz6Obp14ffIgL6zJUSUK9OjjBQZ2cvHHqiTfcuU_-Lw5b9AtPzUkUjFSvl0kKckxj-xZiqViVTPyoJpTy2mpoXq7U2zbaXpF9Ey7xAt99eXdqqbN5_KBPaXICP__LtVH1BONil7LebOCtXAlHaWVrN1ABj2CIJnDfy8YSeKiqJtdzMrb-asaxEmlzDIRw9IBlQhPjvlV5QFSJ_nesUh67T51XTt-YkgWIEtWwysJ-_5GDS9tLVC45UVR1VPVZQ5-CJGpUaGtaN4qWh6sgd-QkdvAMG717uq_DCVWYvqY0Gv31zFd8XtDa_6BJxYP3nmQ0xQBgWothJmKUa3URSce3UBw5Muy6JvbOKVVWolmCGs51TWTfomO2uaHz4eGNfSFnu-CwDHDpsBVXnH6ongrJYT4j5utoF0xWg9vLygPH9pGYZIXHh-E_pbU2hS5SzVgKKCdt9&sai=AMfl-YTVaAAuT-tFR-3hHySUmSDgeN9FlG9BfR1ARhzsk6KdbU69d6jwzNdXE_xvSkPfqwXjlhhzJA5GlwT_a4BxKlDxCA2TsDmw5GlJ7sClJyijG93p30CS2AKUA-6R5wADcOqba2NYe-k5XrIvg40pXMnMF_rhqxMHyqhHNC2XGnmB7IhN97bRBdaR9GfylLcQORdVZauQ4PAuYwFr-rgFowx1&sig=Cg0ArKJSzN76SDmU1UYyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=313&vt=11&dtpt=241&dett=3&cstd=70&cisv=r20220606.63906&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Jun 2022 16:25:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
skeleton.js
static.adsafeprotected.com/ Frame D893
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/996673/61756196/skeleton.js?adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9016a944eab2e0aba929cf8d551b92ac.safeframe.googl...
  • https://static.adsafeprotected.com/skeleton.js
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:214f:3a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
age
9772047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lW77JJnsYH2hSO24AtQ9fJ_377-EDYhXT9thFArot9hAalBrj1LdGw==

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame F97B 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 02:32:42 GMT
content-encoding
gzip
age
5579569
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
l4gUmqDWbkjou6FLrWVU8RJjI6e-UVGcUsiIkE2PWgG61jGSdcT6cQ==
dt
dt.adsafeprotected.com/ Frame D893 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=60e67643-0deb-bfaf-be92-dc51157cc045&tv=%7Bc:eXR9ek,pingTime:-3,time:195,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:169%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:195,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:169,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8btLXj+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f*.996673-61756196%7C1f1%7C1f2%7C1f3%7C1f41,idMap:1f*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D893 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=60e67643-0deb-bfaf-be92-dc51157cc045&tv=%7Bc:eXR9el,pingTime:-6,time:196,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:196,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:169,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8btLXj+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f*.996673-61756196%7C1f1%7C1f2%7C1f3%7C1f41,idMap:1f*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D893 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=60e67643-0deb-bfaf-be92-dc51157cc045&tv=%7Bc:eXR9ev,pingTime:-2,time:206,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:136,bdZ:279,beA:307,beZ:308,mfA:457,cmA:458,inA:458,inZ:462,prA:462,prZ:472,si:477,poA:478,poZ:491,cmZ:491,mfZ:491,loA:503,loZ:505,ltA:513,ltZ:513%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:169%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:206,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:169,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8btLXj+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f*.996673-61756196%7C1f1%7C1f2%7C1f3%7C1f41,idMap:1f*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:35,readyFired:true%7D&br=c
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame C67F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRsHdec2gYqOJN9S13gPZrZS4BQAAAAA4AeAEAg&bg=!Hh2lHVnNAAaJfvByqX47ACkAdvg8WvymoQ4i-WIO0n1YgChVMMRkFDAlnq3hB-QaakOjOuaUgPjAqwIAAAEQUgAAAAFoAQcKAHcRaNOB63WQxOhXDr6ipQd_xONjeoXEe8me1kBqg6rgdu1qQc4tZzJa3DRlgs-aSHb1wq9Spa3X30u27qavbKjebkzaWB86hRtarvTK6RDbmQVTDHe45YWw1bk6bmSoPtXCRBY3RxTCm99NrYgPGU2j6UvyJtgDQZkC7QzvhdT-xSqI3svENL3Qo20rwpPMdm49edWPZIuPtez7YhpUV0nCVBNPp-ckvykH3PlTsrxZy_Gp0xVdDyd3gvi1YwB4R1xFqXmQDku2llLK6NBZ1l_7ChADse4IS2BLk3fCvRLhf7alAcKmmjKQSoMQDtubwOcPo0e-ZsnfbCSjHRSgb4TXAtegTa5M7mkIHxJkqPnWeuZRtMO053LE90-c9nk-4DWtcMd6Pnrk6PQLYugKN9_tZJMt5Qis6qKfG7uYupyDnU8bhpbQ5hzRg350wANgn_gfD08vryh1w-BRNQPPXC-Z_0b5iLRBKdtAEjf8V-2lnCPaB_bowK3WZX4hxKZk0gb5V-0YJmj05YJEmvY84b2wubm1levfP6UjRrdCBCjfUczPpNlvgUrR_Caqj8w3yxJvZ84o5p6_D7vlTTvLWFPKHjs30aaU2niUETu1UdqjcQetiYihq1142rLTrJasW8fSYZtDAV_qO0DCSwGuxApIIrU8mNexWCGb-wwlCsyB_6oAk6EgUE075p4PwyLdjd154H58I2zDmXNUquJL_vsiREkVegqlG_qp9CH7knkkjOo9LnOhoWiK8Dz-iikP0kTsa6imyzhomY9Nzoq8tGMP3UAX9caSjBkb-_9I08k8udoSlKONoBRRAudYRKto4nEMUATX2MBXXWsQeeye6qPlFI5ON9q5pOVO2pK_SvD0M4Wd0yvTkHptVF0ehspNQSQP2TlK_ahvPUg7_7oT2ADY0a_GorUGE5CJngGeQvfvY1rafAxburFAaVeDcjyODSk71zHmBybwKy6uHfACtHinXIuPU6sFMeyePXtnuDKpL2dSI7LwQk2leagIBdTyYRNFCUgcd_qXXokwaVexoonD6SZNzZQOsdYxFhhZFtAJ5zmqbCmsTXmCMcO9LXriAMy5IeMBXmbtOg-MPRiCiSanw7TEpkiia9cRKAFL5lCGViPsDB-EjwpGpZUSN2L9St_9ZHyTaw6p
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame D893 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=60e67643-0deb-bfaf-be92-dc51157cc045&tv=%7Bc:eXR9fs,time:265,type:e,im:%7Bimprf:%7Bttecl:401,ecd:47,tsecr:12%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:265,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:169,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8btLXj+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f*.996673-61756196%7C1f1%7C1f2%7C1f3%7C1f41,idMap:1f*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D893 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=60e67643-0deb-bfaf-be92-dc51157cc045&tv=%7Bc:eXR9jG,pingTime:-10,time:527,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMi4wLjUwMDUuNjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1654705530671%7C%7C5a321ca7c9ee6d1c45242b1d2107e86a%7C%7C964e3af713011c1f80eb8ddd3aa7991e%7C%7C6c2b01fcd549b92ac025c4aff1af1467%7C%7C574b44d8358e7ef40c600db40b88a1bc%7C%7Cccbb4acee1dd5b3dbddd14c6388504c3%7C%7Cffd7e0e9c7d19d41eef8367383c7043f%7C%7C88998d8c0ed3d1e74f4b7fbf89dfa4c5%7C%7C1629390669%7D
Requested by
Host: 9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
URL: https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D893 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=60e67643-0deb-bfaf-be92-dc51157cc045&tv=%7Bc:eXR9lS,time:663,type:e,im:%7Bpci:%7Btdr:464%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:663,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:169,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B511~0%5D,as:%5B511~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:102,fm:t8btLXj+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f*.996673-61756196%7C1f1%7C1f2%7C1f3%7C1f41,idMap:1f*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E92 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusFogbkY-vmjP9qPpbBMLs7E6rbbxyjf1Apc4LjisSEcId23M5B03BLfuHM6Ysj9yzgVqYu0vbRtwwG5LH6_4C&sig=Cg0ArKJSzG32KUcPhfvbEAE&cid=CAASF-RooJ1JgZqRsd3QJjljf3AFDjOt-iQ8&id=lidar2&mcvt=1000&p=186,1439,786,1599&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654705529830&rpt=105&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 5378 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=PUgmh2oQV1wa0SYKb-jlaKnstg1lAn-ceWPUU-9LsyB2UjY5NO0gcvknNL3nPDZDE9qttErL4K8xYCmGB-RqxyoCY5uX4H6L2uPwRGAQ39oK4dRq3M3CkmdJTmZQOderDWT1C1ImYEFU5xxfiPDoRyZpJnnRa8e4k31j79vhoEY4iqnYusVW2w1UW-eq9r-XLYpRSwd3eb-Uu6pDtQLWvwbuxEDtK6UDkzWxELiq1iruewbgyMq-EfoaL2xIYknml9msNQ&sds=2&rev=81696&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 Jun 2022 16:25:30 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame D893 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-H8dfLTz8UBcpxo-ZgRCkV-6mawvcbnTdc25DDOeBjfRYV32U95Z64TveacBxObOIWl5axa-x10KzVAunrLSrWEoP9BuY3rDQuSyEac6krALNntR0fQeUQvaW&sai=AMfl-YTswlTurLctzglHUYxa41koisVLjYcFvXTFLvN-K9d5oMmWKcLv9SWLAi3cpsEXZwZ4NCcMT2cBrAJYbAsL7MLZUTGzD0RxUNGa5fnB0vYdlBwUy7rTzxcOSV7z&sig=Cg0ArKJSzO3eTPUJDSxpEAE&cid=CAASJeRoLT79ZhQo_NpbsLklYsliPEtYBbpi9xTZEwUiZEs-G4MQW28&id=lidar2&mcvt=1000&p=1039,315,1289,1285&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=20&adk=2878636598&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654705529838&rpt=189&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame D893 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=60e67643-0deb-bfaf-be92-dc51157cc045&tv=%7Bc:eXR9KM,pingTime:1,time:2207,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:169%7D,%7Bpiv:64,vs:pp,r:,t:1205%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1205,n:0,pp:1002,pm:0%7D,slEvents:%5B%7Bsl:o,t:169,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1053~0,0~50%5D,as:%5B1053~970.250%5D%7D%7D,%7Bsl:pp,t:1205,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~50%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:105,fm:t8btLXj+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f*.996673-61756196%7C1f1%7C1f2%7C1f3%7C1f41,idMap:1f*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:32 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D893 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=60e67643-0deb-bfaf-be92-dc51157cc045&tv=%7Bc:eXR9KN,pingTime:1,time:2208,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:169%7D,%7Bpiv:64,vs:pp,r:,t:1205%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1205,n:0,pp:1003,pm:0%7D,slEvents:%5B%7Bsl:o,t:169,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1053~0,0~50%5D,as:%5B1053~970.250%5D%7D%7D,%7Bsl:pp,t:1205,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~50%5D,as:%5B1002~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:105,fm:t8btLXj+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f*.996673-61756196%7C1f1%7C1f2%7C1f3%7C1f41,idMap:1f*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:32 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ywvj1XxqSjQ2bUU5cU9BWjNNZ2d0VE5zdjJ5WGJmQ29Ja2psYVR5M2RQYThkYklwbXNZWkVzVFJWY0Q3WlEyRTA5Rjc2bll3WlFhcEZYdmFCNW5MRVV4bjZzbytlMTl1UkJkSmRRR1d1bG9BZVRrcG1ZM1RiQ3lRMlZycm...
355 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ywvj1XxqSjQ2bUU5cU9BWjNNZ2d0VE5zdjJ5WGJmQ29Ja2psYVR5M2RQYThkYklwbXNZWkVzVFJWY0Q3WlEyRTA5Rjc2bll3WlFhcEZYdmFCNW5MRVV4bjZzbytlMTl1UkJkSmRRR1d1bG9BZVRrcG1ZM1RiQ3lRMlZycm9Db0xRa2FrZzNPVTJKWllqOVdGdk9YWm04cFlZMUhsTHR4TElRMG9kY2hLeExNakpWWkNGTFg1eEhmZkpxQmI4NUZjYXFLQmpWQ3ErZG5qU0s4VWthbS8vSVc1WGszN1VXSVAwS1JIRThBVEROL3d4aDVFeC9zaldiUk9RdnROeUJHU0hrNWEzfA&cppv=2
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Server
178.250.0.157 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1cf115e0ba90afcc063985d75e77c52f7244802865a28fcd71079998648c381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2539
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:32 GMT
location
https://mug.criteo.com/sid?cpp=ywvj1XxqSjQ2bUU5cU9BWjNNZ2d0VE5zdjJ5WGJmQ29Ja2psYVR5M2RQYThkYklwbXNZWkVzVFJWY0Q3WlEyRTA5Rjc2bll3WlFhcEZYdmFCNW5MRVV4bjZzbytlMTl1UkJkSmRRR1d1bG9BZVRrcG1ZM1RiQ3lRMlZycm9Db0xRa2FrZzNPVTJKWllqOVdGdk9YWm04cFlZMUhsTHR4TElRMG9kY2hLeExNakpWWkNGTFg1eEhmZkpxQmI4NUZjYXFLQmpWQ3ErZG5qU0s4VWthbS8vSVc1WGszN1VXSVAwS1JIRThBVEROL3d4aDVFeC9zaldiUk9RdnROeUJHU0hrNWEzfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1634
content-length
509
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 08 Jun 2022 16:25:32 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1314
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4C03 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133326
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:32 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 10 Jun 2022 05:27:38 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A054 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
43092
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 08 Jun 2022 16:25:32 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 26 May 2022 04:26:53 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 593956
X-Served-By
cache-lga21968-LGA, cache-hhn4034-HHN
X-Timer
S1654705533.545162,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 4883 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 08 Jun 2022 16:25:32 GMT
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google
/
csync.smilewanted.com/ Frame 2052 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a740e1393fbdb65e312e758c2389a20111ea7f86d483327cd7131a414ca2f7c

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbea1c3c923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 9831 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 08 Jun 2022 16:25:32 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame C06D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
43092
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 08 Jun 2022 16:25:32 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 26 May 2022 04:26:53 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 510513
X-Served-By
cache-lga13627-LGA, cache-cdg20774-CDG
X-Timer
S1654705533.554270,VS0,VE0
/
onetag-sys.com/usync/ Frame 7E1A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1654705526538
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1654646400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 08 Jun 2022 16:25:32 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 4C03 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33996700&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ee98f69a1ea10c006a75df83815e5e9de56f36dc74704aef734fe91282f484a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2034
content-type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ywvj1XxqSjQ2bUU5cU9BWjNNZ2d0VE5zdjJ5WGJmQ29Ja2psYVR5M2RQYThkYklwbXNZWkVzVFJWY0Q3WlEyRTA5Rjc2bll3WlFhcEZYdmFCNW5MRVV4bjZzbytlMTl1UkJkSmRRR1d1bG9BZVRrcG1ZM1RiQ3lRMlZycm9Db0xRa2FrZzNPVTJKWllqOVdGdk9YWm04cFlZMUhsTHR4TElRMG9kY2hLeExNakpWWkNGTFg1eEhmZkpxQmI4NUZjYXFLQmpWQ3ErZG5qU0s4VWthbS8vSVc1WGszN1VXSVAwS1JIRThBVEROL3d4aDVFeC9zaldiUk9RdnROeUJHU0hrNWEzfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 08 Jun 2022 16:25:32 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1148
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame A054 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:32 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
971ef69c-7366-4301-890c-7ef011748bb0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 2052 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1328078
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7182fbeaed93923b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame C06D 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:32 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b135a70-e46f-4d25-8496-daee3e17710a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E6DF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7106906131594016919
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7106906131594016919
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 08 Jun 2022 16:25:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 08 Jun 2022 16:25:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7106906131594016919
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame EA87
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=v1JBwhKgT5lNAEV6djSCosEbDgo
42 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=v1JBwhKgT5lNAEV6djSCosEbDgo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 08 Jun 2022 16:25:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 08 Jun 2022 16:25:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=v1JBwhKgT5lNAEV6djSCosEbDgo
Pug
simage2.pubmatic.com/AdServer/ Frame B862
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqDNfAAHbIM4gQAo&gdpr=0&gdpr_consent=&_test=YqDNfAAHbIM4gQAo
1 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqDNfAAHbIM4gQAo&gdpr=0&gdpr_consent=&_test=YqDNfAAHbIM4gQAo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 08 Jun 2022 16:25:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 08 Jun 2022 16:25:32 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqDNfAAHbIM4gQAo&gdpr=0&gdpr_consent=&_test=YqDNfAAHbIM4gQAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4042-HHN
x-timer
S1654705533.786796,VS0,VE0
redir
rtb-csync.smartadserver.com/ Frame 875D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIVEUwN0ZRWnNBQUhnLWp0eUZrZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHTE07FQZsAAHg-jtyFkg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAHTE07FQZsAAHg-jtyFkg&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHTE07FQZsAAHg-jtyFkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHTE07FQZsAAHg-jtyFkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Wed, 08 Jun 2022 16:25:33 GMT
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 08 Jun 2022 16:25:33 GMT
Server
nginx
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHTE07FQZsAAHg-jtyFkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
strict-transport-security
max-age=2592000; includeSubDomains
Artemis
aud.pubmatic.com/AdServer/ Frame 4C03
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
104.36.113.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 08 Jun 2022 16:25:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 4C03
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:30 GMT
frontend-id
15
location
/pubmatic/1/info2?sType=sync&sExtCookieId=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4C03 		95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7182fbeafa3e2397-ZRH
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 4C03
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
107.23.12.102 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 08 Jun 2022 16:25:33 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 08 Jun 2022 16:25:32 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4C03
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=999098a9-f1b2-4d09-a03f-4d18d929bbf8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=84e88f0f-8839-40d5-b529-1ce6bc8694cd&expires=1&user_group=5&ssp=pubmatic&bsw_param=999098a9-f1b2-4d09-a03f-4d18d929bbf8
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=999098a9-f1b2-4d09-a03f-4d18d929bbf8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=999098a9-f1b2-4d09-a03f-4d18d929bbf8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=999098a9-f1b2-4d09-a03f-4d18d929bbf8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 08 Jun 2022 16:25:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4C03 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/ED49763F-0D8A-45CC-A6D6-51A95E4DAD30?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6b88:e1e2:688e:aa3b -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 4C03
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bjVDvklE2uVv7Vmo_1I1Cm30NyVVKAM-~A&gdpr=0&gdpr_consent=
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bjVDvklE2uVv7Vmo_1I1Cm30NyVVKAM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bjVDvklE2uVv7Vmo_1I1Cm30NyVVKAM-~A&gdpr=0&gdpr_consent=
date
Wed, 08 Jun 2022 16:25:32 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 4C03
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8290629734393555469&gdpr=0&gdpr_consent=&us_privacy=
1 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8290629734393555469&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8290629734393555469&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 08 Jun 2022 16:25:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 4C03 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ED49763F-0D8A-45CC-A6D6-51A95E4DAD30&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4C03
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a1644f61-eacd-4795-9e09-a6d85ad042f8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a1644f61-eacd-4795-9e09-a6d85ad042f8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a1644f61-eacd-4795-9e09-a6d85ad042f8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 08 Jun 2022 16:25:32 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
drop_cookie_sw.php
csync.smilewanted.com/ Frame A44B 		0
550 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbeb1ded923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
setuid
ib.adnxs.com/prebid/ Frame 4BA8
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
70a06d7f-3074-4152-a475-52592bd58dd6
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 08 Jun 2022 16:25:32 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbeb2df4923b-FRA
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7ea6bbaeccf953a2c1e4fc73b26c4eb0
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 4F8D 		1 KB
900 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7182fbeb8d2c2325-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
getuid
sync.smartadserver.com/ Frame 9FF0
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 08 Jun 2022 16:25:31 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Wed, 08 Jun 2022 16:25:32 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
sync.php
pixel.rubiconproject.com/exchange/ Frame 7F03 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
6f9fd0201ed801884e5299d5aabca094
1
sync-eu.connectad.io/syncer/ Frame 984D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7182fbec3e742325-ZRH
date
Wed, 08 Jun 2022 16:25:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
/
csync.loopme.me/ Frame 44B1 		0
0
y-0hsxoERE2uF62DuRrcN0..u.E7RRO4sq_QneqUI-~A&gdpr=0&gdpr_consent=
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame 9A39
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-0hsxoERE2uF62DuRrcN0..u.E7RRO4sq_QneqUI-~A&gdpr=0&gdpr_consent=
0
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-0hsxoERE2uF62DuRrcN0..u.E7RRO4sq_QneqUI-~A&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbed1923923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

age
0
content-length
0
date
Wed, 08 Jun 2022 16:25:32 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-0hsxoERE2uF62DuRrcN0..u.E7RRO4sq_QneqUI-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
0a30a057-96a0-431d-abd9-f6d9abaad56e
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 986F
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/0a30a057-96a0-431d-abd9-f6d9abaad56e
0
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/0a30a057-96a0-431d-abd9-f6d9abaad56e
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbedba14923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Wed, 08 Jun 2022 16:25:33 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/0a30a057-96a0-431d-abd9-f6d9abaad56e
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google
2439243591662352484
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 9205
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/2439243591662352484
0
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/2439243591662352484
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbee0a98923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

AN-X-Request-Uuid
3af33578-fe15-4590-89c7-5abccf368e7a
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 08 Jun 2022 16:25:33 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/2439243591662352484
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
07c022040015775680dc07a5&gdpr=0&gdprConsent=
csync.smilewanted.com/set_partner_userid_get/adotmob/ Frame 26B3
Redirect Chain
  • https://sync.adotmob.com/cookie/smilewanted?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadotmob%2F{amob_user_id}&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/adotmob/07c022040015775680dc07a5&gdpr=0&gdprConsent=
0
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adotmob/07c022040015775680dc07a5&gdpr=0&gdprConsent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7182fbff4ef9923b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 16:25:35 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
content-length
0
date
Wed, 08 Jun 2022 16:25:35 GMT
keep-alive
timeout=5
location
https://csync.smilewanted.com/set_partner_userid_get/adotmob/07c022040015775680dc07a5&gdpr=0&gdprConsent=
vary
Origin
x-powered-by
Express
async_usersync
ib.adnxs.com/ Frame A054 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:33 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
49550e3b-d097-4afe-81e9-0f96fc48f83d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C06D 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Jun 2022 16:25:33 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b1f7d041-4ad9-4b22-8bf4-dc8cec7e3b0b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4C03 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.121 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:25:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame D893 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=60e67643-0deb-bfaf-be92-dc51157cc045&tv=%7Bc:eXRaNh,pingTime:5,time:6206,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:169%7D,%7Bpiv:64,vs:pp,r:,t:1205%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1205,n:0,pp:5001,pm:0%7D,slEvents:%5B%7Bsl:o,t:169,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1053~0,0~50%5D,as:%5B1053~970.250%5D%7D%7D,%7Bsl:pp,t:1205,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~50%5D,as:%5B5000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:146,fm:t8btLXj+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f*.996673-61756196%7C1f1%7C1f2%7C1f3%7C1f41,idMap:1f*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:36 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
all
csm.eu.criteo.net/ Frame 5378 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=PUgmh2oQV1wa0SYKb-jlaKnstg1lAn-ceWPUU-9LsyB2UjY5NO0gcvknNL3nPDZDE9qttErL4K8xYCmGB-RqxyoCY5uX4H6L2uPwRGAQ39oK4dRq3M3CkmdJTmZQOderDWT1C1ImYEFU5xxfiPDoRyZpJnnRa8e4k31j79vhoEY4iqnYusVW2w1UW-eq9r-XLYpRSwd3eb-Uu6pDtQLWvwbuxEDtK6UDkzWxELiq1iruewbgyMq-EfoaL2xIYknml9msNQ&sds=2&rev=81696&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqDNeQAHmE8K4CXFAAkvpvUH7391ZGyut5SctA&u=%7CFtum6EOJmgC%2FwUkMGIMXdZ5sDWq3jtza9BZFvLRw6cE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRbTtzWuibZL8NguExD1gv6hDpKW4OpqPTVpt4nIEnebQkeoYw9o5MIoJ4LzeLojvoPxkhhCjvkE7oaOvB0-kXiUHxV-2A2k4oWcxvSz619dVpsAH_r2eMVTFCxJjyjbJElXYOaSzISGbTsxlI2wrvpl05QUWlHQtIa-Pf7424U0I6fsSKr4dvBAHnACWve8kvMU4iPFxueV65aGRp005bxu3gzo6PdPNsJrohj2tAszklI5iIJJEioZXpanppF8SyzPfstETJEPyWsu2581d8rBvu0qN2RNFG6Hyfi-Qd7XbfpdEyuo7GaMemhaKrpz1i3o2xecw8WBb8DIPbNLVg7WCdhtHDQ8QcWoR1qUWtsVQZ7Ly-qLC22WQHVdD2QsNR3J_DX_YMHSNnaHGspE_6JnFFU_JIlD6CPE-0v38qPJZ0n3lLvkl0c8hI58h0AMnlQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg0xVec2gYs-wHsXLgAem36TgBcme0rFc1Z2R93DAjbcBEAEgAGCVgouCmAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAi6M0p6n-rE-4AIAqAMBqgT9AU_QTdeOl5O8VZg3AozSZWcWVrUFznhbMQtCCa3NLGiZRFyM6r9onuuZNQhj0e0h2Y3V1wuJHgNphIlBoCqicrp0OaPV-ooDl4ndYM6Ns6b0uQKuJgU5u4HkYUPOWEO3-49dlCMK32a0NVWYW7MkclcJP8qKnbE3LTad4ZJcP9_BgGsOMSv9lDAgjm4t9SlLVdRawrtcdTZN5yjt9SI7NSfyOmAg_nJ0P6V4nCu5dscusgBECv7BCdkXSwH-8s8dBsFTcb47jZx9ROBgZm7gtG3MBtEhwSqAJM_1UZoijYoeG6hzKbWC6uTqD00wPwSgya-Vs0v_kD2jERWNVLfgBAGABvzfxLr54YbVLqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10xbERtAFeZwj8bSYxkbhbvr522A%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 Jun 2022 16:25:36 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
dc_oe=ChMIls6UuaKe-AIV1op3Ch2GCQxBEAAYACC1koJSQhMIuL37uKKe-AIV_dwRCB2ZRwYt;met=1;&timestamp=1654705537268;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 874E 		42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIls6UuaKe-AIV1op3Ch2GCQxBEAAYACC1koJSQhMIuL37uKKe-AIV_dwRCB2ZRwYt;met=1;&timestamp=1654705537268;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:25:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESENXbcuVJcrBK4HOwGSAcF4Y&google_cver=1&google_push=AYg5qPLcN_qm-8VLiLQTrS0ER9UnKUUYdavZSR3do6CfIhBx59Ro-90CdYtfVNwF5zeaEuOYiw5fJlci05Yj7jf5YNvpi-XNaF2ySA
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| addScriptPromise object| googletag string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist object| WallaTargeting string| loadDataState object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime string| __strip_step__ object| google_tag_manager object| google_optimize function| postscribe object| google_tag_manager_external function| fbq function| _fbq function| desc function| category function| author function| tags function| age function| gender object| ptag object| f object| ktag string| path object| z object| permutive object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _0xa312 function| _0x24e3 object| _vadHb function| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_conversion_id object| google_custom_params object| google_remarketing_only object| ggeac boolean| google_plmetrics object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments undefined| google_measure_js_timing object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| a object| sw_consent object| sas object| apntag object| _ADAGIO object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ONFOCUS

66 Cookies

Domain/Path Name / Value
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _ga
Value: GA1.3.1330302847.1654705526
.walla.co.il/ Name: _gid
Value: GA1.3.1306909169.1654705526
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.walla.co.il/ Name: _fbp
Value: fb.2.1654705526534.646971778
.walla.co.il/ Name: vad-loc-code
Value: de
.facebook.com/ Name: fr
Value: 0m113OgDvqOgSdei1..BioM12...1.0.BioM12.
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEw9pqDlQY4AUABSAEQ9pqDlQYYAA..
.adnxs.com/ Name: uuid2
Value: 2439243591662352484
prebid.a-mo.net/ Name: __amc
Value: 1_1654705526_1654705526
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI3ZWE2YmJhZWNjZjk1M2EyYzFlNGZjNzNiMjZjNGViMCIsImV4cGlyZXMiOiIyMDIyLTA5LTA2VDE2OjI1OjI2WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA2LTA4VDE2OjI1OjI2WiJ9
.360yield.com/ Name: tuuid
Value: 2e407d95-b042-498e-915c-3ece56d4e3e5
.360yield.com/ Name: tuuid_lu
Value: 1654705526
.doubleclick.net/ Name: IDE
Value: AHWqTUnOR--8eSNjokFMXXUPocLMRkSpF7KgPW7ADfEhSJSi7o_n1xIvAc0O4uZ3AxU
.walla.co.il/ Name: __gads
Value: ID=c07c3b2962e6d216:T=1654705526:S=ALNI_MZpGkJoTvT75c-Sdkd8f59DL-Whqg
.pubmatic.com/ Name: KADUSERCOOKIE
Value: ED49763F-0D8A-45CC-A6D6-51A95E4DAD30
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158810:2
.pubmatic.com/ Name: DPSync3
Value: 1655856000%3A201_197_219%7C1654732800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1655856000%3A21_13_7_56_220_161_54_3_8%7C1655942400%3A35
.quantserve.com/ Name: mc
Value: 62a0cd77-032dc-003a4-9e323
.casalemedia.com/ Name: CMPS
Value: 3219
.onaudience.com/ Name: cookie
Value: 7b66c67c989df1e3
.onaudience.com/ Name: done_redirects104
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2IlcG^P@`!A#G+.TOKKnyW<U1`VROYQM-:X@IMQS.nPj?o>cM]4BzZSa<jnUD_oKAo=rz/X%W#.wLP<6FISa`*%lt?aVIASvPb[TPH)[RB'?:'=%!PT3NzQR9MK_?RmPqc0SVo3nXm/!3E=MEhQk5
.simpli.fi/ Name: suid
Value: B907ABCEA12D4717ADA1DCB60E11A931
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid2
Value: 1.4198648938245447801
.casalemedia.com/ Name: CMPRO
Value: 1112
.casalemedia.com/ Name: CMST
Value: YqDNd2KgzXcA
.adform.net/ Name: uid
Value: 1681303317823180167
.casalemedia.com/ Name: CMID
Value: YqDNd2bNmQPTLTA275UsIAAA
.casalemedia.com/ Name: CMRUM3
Value: 2d62a0cd772760CAESEDTvz9t2Taun7J2VxEks_JA
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.quantserve.com/ Name: d
Value: ENQBDgGqJoEO-TA
.onaudience.com/ Name: done_redirects219
Value: 1
.spotxchange.com/ Name: audience
Value: 9b1b6bd8-e747-11ec-a2a4-10ffbde80106
.zeotap.com/ Name: zc
Value: 87d21dbb-bdaa-47ca-66e6-a08ede132bde
.zeotap.com/ Name: zsc
Value: %F5%FB%80%CEP%E5%C6pRb%7C%D9nE%D9%24%83%E7%B4%B9%D6%BC%D1%EE3%A1%21%5E%98%AE%19w%AE%7F%1C%E0%B0%021%7B%B5%EE%BC%DB%2B%B4%AE%AF+9%EC%29%7C%BCZ%F2%B6eo%3D%834%BAgvF%06%15U%08%CD%90%A1%1D%3D%9E%03%96%BA%D9W%D84
.smilewanted.com/ Name: sw_user_params_infos
Value: u4mLO5vZ7jSNUnlk5cSmHlzCgAXkUxU9ZTq7HCgf9kEMO0UByfodx%2F3TZ7l5GGeP7gqTp37xfGUlJxMSn2UUiijc0LV0cZ8VKvP3kyiacjIiLVI49ofY9QGRlBfVqakT8Kweq1OoDZUYdwHaGmSJZZ3cKZtfYTmmodl8OPAv4uOZhHXSB2CoVKCvvRPk8sRrU9KjKDUbiv7sivXFcCdYTsKzEF3uJXa5pQAM9Ox%2BQV%2BWjCqT7%2BbQ9BaGE788oK4DRjHaM9mwHw2CyxFLUGsz1f9I63jzaulm6VgtGb%2FHPDIqdLFhs3gaAQnCxXJm%2FIWP6iz9tQBplsc5GV8tkH65oLRbeY%2BXcqFqXAAnzvfn2cH5YOPKeAjYTrz8FllLhklJ1BmEFWcDgrK9mbhRhsMewwpFm9%2Bp%2BbFY0UVWR787yrw%3D
.bidswitch.net/ Name: tuuid
Value: 999098a9-f1b2-4d09-a03f-4d18d929bbf8
.bidswitch.net/ Name: c
Value: 1654705527
.bidswitch.net/ Name: tuuid_lu
Value: 1654705527
.bidswitch.net/ Name: google_push
Value: AYg5qPLO84x8lQpX5G8yo33hNtt0XhJRxHp5oVbfLycCGu1wOBQ8hZfbPQB4F7mVtplneFa0kKPqDZIu3DQr-rVJ_krpkFJg3s2KEA
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4198648938245447801
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-86FTQab3BUboowFDofAfQfWgU0XoqldC96AhAHhG&KRTB&19420-86FTQab3BUboowFDofAfQfWgU0XoqldC96AhAHhG&KRTB&22979-86FTQab3BUboowFDofAfQfWgU0XoqldC96AhAHhG
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2439243591662352484&KRTB&23339-2439243591662352484
.pubmatic.com/ Name: PugT
Value: 1654705526
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEG8510EWteigMHALW8nO0Kg&KRTB&22987-CAESEG8510EWteigMHALW8nO0Kg&KRTB&23025-CAESEG8510EWteigMHALW8nO0Kg&KRTB&23386-CAESEG8510EWteigMHALW8nO0Kg
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1681303317823180167&KRTB&23263-1681303317823180167
.mathtag.com/ Name: uuid
Value: 815062a0-cd77-4800-a401-06367fd3c62b
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2d8262a0-cd78-4100-b836-b8e0c0b2c6a0&KRTB&16736-uid:2d8262a0-cd78-4100-b836-b8e0c0b2c6a0&KRTB&23019-uid:2d8262a0-cd78-4100-b836-b8e0c0b2c6a0&KRTB&23208-uid:2d8262a0-cd78-4100-b836-b8e0c0b2c6a0
.adfarm1.adition.com/ Name: UserID1
Value: 7106906131594016919
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAOOSMXR2dA129bcMDXEP9TepMI-yTLEMMffxzggqdwUAAmqSAR4AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjEwMLM0NTM3MTE3NzIwNzQwsBTiM9T1Tk-uCI_0DvfLtSgAACNc0fYlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjEwMLM0NTM3MTE3NzIwNzQwsBTiM9T1Tk-uCI_0DvfLtSgAACNc0fYlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOOSMXR2dA129bcMDXEP9TepMI-yTLEMMffxzggqdw3iNTQzNTE3MDU1srS0MH7FiMoHAKZbWCk9AAAA
.ctnsnet.com/ Name: cid_639742bf1e0640f3a196e09660838eba
Value: 1
.ctnsnet.com/ Name: gid_CAESEB-KXyZ6rl9OYY0Acl8iNBI
Value: 1
.w55c.net/ Name: wfivefivec
Value: 1vJcXGIN1NYYuS5
.w55c.net/ Name: matchgoogle
Value: 5
.turn.com/ Name: uid
Value: 8290629734393555469
.pubmatic.com/ Name: SPugT
Value: 1654705529

3 Console Messages

Source Level URL
Text
network error URL: https://www.walla.co.il//
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-06-08
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESENXbcuVJcrBK4HOwGSAcF4Y&google_cver=1&google_push=AYg5qPLcN_qm-8VLiLQTrS0ER9UnKUUYdavZSR3do6CfIhBx59Ro-90CdYtfVNwF5zeaEuOYiw5fJlci05Yj7jf5YNvpi-XNaF2ySA
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9016a944eab2e0aba929cf8d551b92ac.safeframe.googlesyndication.com
a.audrte.com
a.rfihub.com
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
aud.pubmatic.com
b1h-euc1.zemanta.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cat.nl.eu.criteo.com
cdn.connectad.io
cdn.jsdelivr.net
cdn.permutive.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cf.dxmcdn.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
khn.crowdad.io
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
odb.outbrain.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
pubmatic-match.dotomi.com
r.turn.com
rtb-csync.smartadserver.com
rtb.fr.eu.criteo.com
rtb.openx.net
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.adaptv.advertising.com
sync.adotmob.com
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.teads.tv
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
x.bidswitch.net
csync.loopme.me
hbopenbid.pubmatic.com
sync.adaptv.advertising.com
103.229.206.241
104.19.150.54
104.22.68.131
104.36.113.107
104.36.113.68
104.92.106.130
107.23.12.102
141.94.171.216
142.250.185.66
142.250.186.162
142.250.74.194
143.204.215.84
147.75.85.234
151.101.1.108
151.101.114.132
151.101.194.49
159.65.196.12
169.50.137.184
172.217.16.130
178.250.0.157
178.250.2.131
178.250.2.148
178.250.2.150
178.250.2.151
18.156.0.31
18.206.27.41
185.183.112.155
185.255.84.150
185.33.221.50
185.33.221.89
185.64.190.78
185.86.139.106
185.94.180.126
193.0.160.128
198.148.27.140
198.47.127.20
2001:678:cb4:bbbb::11
204.237.133.121
205.185.216.10
213.155.156.182
213.227.153.220
23.22.169.163
23.35.228.201
23.35.228.247
23.35.229.181
23.35.229.86
2600:9000:206f:6200:11:da61:a100:93a1
2600:9000:20eb:0:4:1c73:c740:21
2600:9000:214f:3a00:8:48e:53c0:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:36ce
2606:4700:20::681a:9a9
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:272
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:808::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::2014
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c08::9d
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::1c
2a02:2638::2
2a02:fa8:8806:12::1400
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a05:d018:d29:3601:6b88:e1e2:688e:aa3b
34.240.82.67
34.98.64.218
35.156.182.43
35.186.193.173
35.201.96.126
35.227.252.103
35.71.131.137
37.157.4.40
51.68.39.188
51.89.9.252
52.29.123.29
52.29.193.101
52.31.207.136
52.50.170.21
54.229.131.207
63.34.44.143
66.155.71.150
69.173.144.139
70.42.32.127
76.223.111.18
77.243.60.138
85.114.159.93
01cf372e83b00fc554a94e10978637bb144f5689028e91ad5f8bf5f0cf2c7fef
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119594b63b78b094e8eee8dcba98821c54b689fc200ecf785230a43edc0ed038
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1671067cd3dbc4d9bd94120e1f24ce195123451fa87547713a272485f9c34a1c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bcd8857981ddc76dfc9b9db2632b43b82418adb4b8a49852b627fee983a8bbf
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23f3afb8e9c77433e153edd5521fdc27e7bf8651eed58774e1814cea437a51fe
2488b6c3e67b8ec04994779823578a5d7b74a0d814bdee7049a62e9ec97166cf
266d8dcc1e5ba035f5ae4f9df96639319a273008c45c7f7f7b0e709039e4f163
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a740e1393fbdb65e312e758c2389a20111ea7f86d483327cd7131a414ca2f7c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd7df5c99615e79a156eb2e81f6f6f0ff72ed5085b80d95c2f88f7160f80304
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35c1f58a87d5cfeee55d31da54a7922a64dc1a565a7aacaf009b15b1daa77aae
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38ce6d73c3c61fb69d0c8196bd61ca02e972cf547604f7415c1ddaaf7968cd44
3b49126715cea9a06fdfc3fa6131bf6fa70305a93c17ed021f3f659784b22085
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cb78f36f2b221e83313ab6b1318f51798960411357532a130a195d30eb8a954
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fe2f60f87b5d8721d0f2810387ec5b62fcb12bf481b83dd577a7185c00be0d5
3fef2bb487a75c68deb09f1bb519592f7688129de30f665c72d577df95c102a8
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4e4f4bcbfca2de071c3d74e3aae1ab2c4df2533bea9bc5cbf0d1059f8c0512af
4e52b26b48dad0ceba58fabaa61a50167088c658243866f4356e85df897f5e7c
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
56ed33d6b08b832803d71b593a674bc6d0fa82d81715a7ca12ec9a034d60a168
57628a8656d3a724747f949ef5c7cad775b32396ef6034a3c22c802b088ef9e4
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5ea717cca2b878742523fac75fe0037c265e93eb6a96057e685bc411ff833046
5fd6e1b2782564a59206f88f30e52cfbf69758d0649141b126027e775b3b0553
65dcd317dfa4c961202096496246c654766966168760d7a072ef3b812a582447
66084bafad45d691a66f087d1e2f99be394a7c0948424ee8b12ee199723891df
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6d0a301cf7a19c1a407483b0c9c41cc67899b7339230ffa4a137311c19056d10
6d5bf7816a1836cf585f44dfbb4eebaf82fbfaea75f12ba6640c33f04f6b9aaa
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
77e82c69953ef85001b925b2ca8ed91e13662627834249fb6a7a63b78325b5ec
7b7a8d6831f351ce765439b51c5500dbf6418eb07da23aec17cf88810b85e704
7db2d4f870eda8f7f9951547ad82034ebdb0ae6ebd3d8328c0c782eb70d02076
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475
81366b8d555eac429c5b14198573523f55757a94d93d60c83980d38c00225e07
82a1dd321399f040d4f4e4d3895d395806fbac9ed34216b9b89c01e5091e795b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c30f3b9c7031210ffe6850877849382560ae66e56402bdc80ce3c530068855
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87a964d3ee57d64c5dfc1c04cadb738f8f6f87ede99e443201afa1715ac196b1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9fc2cb58a48f16452927685c83b07c428a5d75961fff8f634a796b0b8d1624
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
98629b475ccba8aae024b29f0b533b99d813c801b15a3bf8b17d9785fdd85f5c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7e36aaa9181f128dfc877190a075b2bc236dbbd0662833b6def460e16d09fb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d355d98734b9724ce1261cf64834e3257c32c5130992c3aebdd84c8e4133aa1
9f0a2702bff0e0c90397d6d2e4f4aba9656e38bea1063ad88935ba676511df16
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0a059755408a9dcc9de9511b7521050cfb3aaf2bbb2f12766ddf6aed68816ac
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac9735bf2e45c6a7e0813911d309bc736b93daada029937eba6b4225e3ac6934
ad3020772c580601a51fa9053ce4ca8155c12db4fc08d125852f951d30596fff
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adf5e7c37f8621ab815d3b78f9f7fe3da104218bac09111b06ece7e1e17b0230
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cf115e0ba90afcc063985d75e77c52f7244802865a28fcd71079998648c381
b4e05219a918031b351cbbf52978d47b5bb356d33ed2a84e783b76d54159c5d7
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba54c06d3527be26be120cf16fe14ffe2aec36ae55030a4e7c2b228054a9c68
bcd342813bac312917f92746b0d69e772e020dda4e7e027884ac72d8c0e07629
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c0258b9d875d5ae4c5d76ccc1a60327957fb59c70a38528c4ed5c896f6caa78b
c07c4280af0101109ac899ccd91d9b539d927fe58ae715fdb58617aa54ca2bf5
c0a198c5ffeaf46c85db9ee1c058f7a94af2c6ff2910083aed7e14c88faed006
c5cf0ebf969f89ff87db6e8235e8bcfd124d3f35b93def6b88e14a5c0f155c1c
c6163b79541e39dee513e65dbe9879c888d980c1884cce20d2ce25f225542320
c62c8cb039d5156fcfb5af1e44505acba6f6f6d71f426f1c44bbfed8d8927704
c6eb002be030feee5606908eda31af0f2fc5e9cfb811c12d233d42245606ea3f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cca9b330bc518707c943ac732d6c7b27c9575fbda4e7ae8b6edbd917b53cacbe
ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d50915b30d550430eae1b32889a58fe5d1b868cea34feb70f354af7e7a7c8572
d9b946481c32f4369373d2e4a287d25404305f730eaf798f4355846d597f8f61
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
decd50191a3e6112f14519ed04d7c6211aa31955ac754d6ad801ab44d3ff043d
df17a038604f387fabc1e3cc8994aba8394be245d7e3caaa989a629547803c0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9c5debd991646f8914a934d73a168313f43a10e008c90543525f82c26071bb5
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee3f5afe9e1b71c09e0f27fad062214fdd560fec9ce2b7e3ba7d8aaa2b7766d4
ee98f69a1ea10c006a75df83815e5e9de56f36dc74704aef734fe91282f484a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeed59204d2eb15bc97b127681e3cfe55684a996433151d37dbe0550a89a505
f11172b57df67c7b2e272803e6e949fafd06fc5aeabda8fb4c2563f67f3d645f
f1523753473c37e0b86d1a6b02f4ce473fc6dc0335d7b4b4417d3eb67dc5d37a
f4d4d20fb35e356621a4e294b8052381133c6c7b4d809daaa9c02e229c8f6aab
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741
f75ab28c38a6686f3fd85b30d8d0dceccf98b0c51bc3d978a667a072c47650a0
f96c607e65e9265b8426aa1e30a0c7fa19dcfe5147a488c985df06787b10b61e