urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
52.222.236.20  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.walla.co.il/
Submission: On September 20 via api from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 103 IPs in 12 countries across 78 domains to perform 519 HTTP transactions. The main IP is 52.222.236.20, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 150616.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 52.222.236.20 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:236... 16509 (AMAZON-02)
16 18.66.122.123 16509 (AMAZON-02)
1 52.222.214.43 16509 (AMAZON-02)
3 39 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.10 20446 (STACKPATH...)
2 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
7 23.35.237.86 16625 (AKAMAI-AS)
1 54.237.24.134 14618 (AMAZON-AES)
7 54.165.188.56 14618 (AMAZON-AES)
1 104.19.149.54 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 23.35.229.181 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
1 2600:9000:223... 16509 (AMAZON-02)
4 14 185.89.210.20 29990 (ASN-APPNEX)
1 34.251.36.59 16509 (AMAZON-02)
4 54.72.99.24 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 64.202.112.95 22075 (AS-OUTBRAIN)
8 199.232.190.132 54113 (FASTLY)
4 2a03:2880:f11... 32934 (FACEBOOK)
4 23.35.236.201 16625 (AKAMAI-AS)
2 20 104.18.24.121 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
7 185.86.137.114 201081 (SMARTADSE...)
2 9 104.18.19.126 13335 (CLOUDFLAR...)
2 6 51.89.9.253 16276 (OVH)
2 34.98.64.218 15169 (GOOGLE)
1 198.47.127.22 62713 (AS-PUBMATIC)
1 185.255.84.150 200271 (IGUANE-)
2 72.251.249.13 32475 (SINGLEHOP...)
1 147.75.85.234 54825 (PACKET)
2 213.227.153.221 60781 (LEASEWEB-...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2602:803:c003... 26667 (RUBICONPR...)
1 18.159.163.178 16509 (AMAZON-02)
1 178.250.0.165 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 1 95.101.27.22 20940 (AKAMAI-ASN1)
2 18.195.223.252 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 185.86.137.131 201081 (SMARTADSE...)
3 3 54.155.65.255 16509 (AMAZON-02)
2 6 69.173.144.139 26667 (RUBICONPR...)
2 4 104.18.18.126 13335 (CLOUDFLAR...)
3 33 2a00:1450:400... 15169 (GOOGLE)
3 52.59.79.58 16509 (AMAZON-02)
1 4 34.251.78.188 16509 (AMAZON-02)
3 2a02:2638:1::2 44788 (ASN-CRITE...)
3 2a02:2638:1::4 44788 (ASN-CRITE...)
3 185.64.190.78 62713 (AS-PUBMATIC)
13 50 142.250.185.66 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
4 4 185.29.134.248 30419 (MEDIAMATH...)
2 35.227.252.103 15169 (GOOGLE)
3 3 2600:9000:223... 16509 (AMAZON-02)
4 5 76.223.111.18 16509 (AMAZON-02)
4 4 3.126.56.137 16509 (AMAZON-02)
2 2 185.89.210.82 29990 (ASN-APPNEX)
2 35.244.159.8 15169 (GOOGLE)
3 104.111.242.245 16625 (AKAMAI-AS)
1 66.155.71.149 13768 (COGECO-PEER1)
4 6 2a05:d018:d29... 16509 (AMAZON-02)
4 4 37.157.6.252 198622 (ADFORM)
2 2 213.155.156.166 1299 (TWELVE99 ...)
2 185.86.137.107 201081 (SMARTADSE...)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 18.157.92.103 16509 (AMAZON-02)
2 2 169.50.137.182 36351 (SOFTLAYER)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
23 2a02:2638:1::3 44788 (ASN-CRITE...)
3 178.250.2.148 44788 (ASN-CRITE...)
13 2.23.154.130 20940 (AKAMAI-ASN1)
4 2600:9000:223... 16509 (AMAZON-02)
4 142.250.185.226 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
17 178.250.0.139 44788 (ASN-CRITE...)
6 178.250.0.162 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
21 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 151.101.130.49 54113 (FASTLY)
3 3.33.220.150 16509 (AMAZON-02)
5 5 3.126.140.73 16509 (AMAZON-02)
2 2 3.120.64.210 16509 (AMAZON-02)
3 3 213.19.147.44 26120 (RHYTHMONE)
2 3.126.61.30 16509 (AMAZON-02)
1 2 172.217.18.102 15169 (GOOGLE)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
2 151.101.193.108 54113 (FASTLY)
2 23.79.143.124 16625 (AKAMAI-AS)
1 184.51.9.98 16625 (AKAMAI-AS)
2 3 52.95.126.160 16509 (AMAZON-02)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 5 52.46.155.104 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 18.159.233.219 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 1 64.74.236.223 22075 (AS-OUTBRAIN)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
519 103
37    52.222.236.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-20.fra56.r.cloudfront.net
www.walla.co.il
7    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:236e:cc00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
16    18.66.122.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-123.fra60.r.cloudfront.net
images.wcdn.co.il
1    52.222.214.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-43.fra56.r.cloudfront.net
img.wcdn.co.il
39    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:206e:400:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
7    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    54.237.24.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-24-134.compute-1.amazonaws.com
ping.chartbeat.net
7    54.165.188.56 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-188-56.compute-1.amazonaws.com
mabping.chartbeat.net
1    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:223e:1c00:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
www.googleadservices.com
3    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
4    2a00:1450:4001:80f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2600:9000:223e:9800:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
14    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    34.251.36.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-36-59.eu-west-1.compute.amazonaws.com
ledger.crowdad.io
4    54.72.99.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-99-24.eu-west-1.compute.amazonaws.com
khn.crowdad.io
8    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
8    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
13    64.202.112.95 (Lovettsville, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
8    199.232.190.132 (Munich, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
20    104.18.24.121 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
prebid.smilewanted.com
static.smilewanted.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
9    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
6    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    185.255.84.150 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    18.159.163.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-163-178.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
1    95.101.27.22 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-22.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    18.195.223.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-223-252.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
4    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
3    54.155.65.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-65-255.eu-west-1.compute.amazonaws.com
ice.360yield.com
match.360yield.com
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
33    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    52.59.79.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-79-58.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
4    34.251.78.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
3    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
3    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
50    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
20    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    2600:9000:223f:f800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
5    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
3    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
6    2a05:d018:d29:3605:81f0:8432:14d1:181d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
2    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    18.157.92.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-92-103.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
23    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
13    2.23.154.130 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-154-130.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
4    2600:9000:223f:5800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
17    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
6    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
21    2600:1f18:1aca:4280:bfca:ef07:3b11:9732 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    3.126.140.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-140-73.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.120.64.210 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-64-210.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
3    213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    3.126.61.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-61-30.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net
ad.doubleclick.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    184.51.9.98 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com
js-sec.indexww.com
3    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    18.159.233.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-233-219.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
Apex Domain
Subdomains		 Transfer
75 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
ad.doubleclick.net — Cisco Umbrella Rank: 178
300 KB
71 googlesyndication.com
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
329 KB
46 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
pix.eu.criteo.net — Cisco Umbrella Rank: 8383
csm.eu.criteo.net — Cisco Umbrella Rank: 8385
556 KB
37 walla.co.il
www.walla.co.il — Cisco Umbrella Rank: 150616
1 MB
29 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
static.adsafeprotected.com — Cisco Umbrella Rank: 575
dt.adsafeprotected.com — Cisco Umbrella Rank: 527
133 KB
20 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
315 KB
20 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 4497
prebid.smilewanted.com — Cisco Umbrella Rank: 5683
static.smilewanted.com — Cisco Umbrella Rank: 9599
34 KB
18 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1209
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1967
lm.serving-sys.com — Cisco Umbrella Rank: 1924
244 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
secure.adnxs.com — Cisco Umbrella Rank: 432
acdn.adnxs.com — Cisco Umbrella Rank: 611
58 KB
17 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12695
ads.eu.criteo.com — Cisco Umbrella Rank: 8147
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10454
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
160 KB
17 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1260
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2959
odb.outbrain.com — Cisco Umbrella Rank: 1507
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5655
mv.outbrain.com — Cisco Umbrella Rank: 2892
131 KB
17 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 108350
img.wcdn.co.il — Cisco Umbrella Rank: 98327
490 KB
16 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
eus.rubiconproject.com — Cisco Umbrella Rank: 564
token.rubiconproject.com — Cisco Umbrella Rank: 667
18 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
12 KB
13 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1396
sync.smartadserver.com — Cisco Umbrella Rank: 1540
ssbsync.smartadserver.com — Cisco Umbrella Rank: 873
3 KB
12 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 3965
log.outbrainimg.com — Cisco Umbrella Rank: 2321
4 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
5 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
2 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
6 KB
8 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 462
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
image6.pubmatic.com — Cisco Umbrella Rank: 648
99 KB
8 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1220
mabping.chartbeat.net — Cisco Umbrella Rank: 5914
2 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
289 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
2 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 650
rtb.openx.net — Cisco Umbrella Rank: 1505
us-u.openx.net — Cisco Umbrella Rank: 396
1020 B
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
3 KB
5 crowdad.io
ledger.crowdad.io — Cisco Umbrella Rank: 102829
khn.crowdad.io — Cisco Umbrella Rank: 88189
247 B
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
3 KB
4 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4485
sync-eu.connectad.io — Cisco Umbrella Rank: 3473
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
418 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6352
adservice.google.de — Cisco Umbrella Rank: 9081
2 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 69896
122 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
793 B
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1077
516 B
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 696
1 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2048
match.360yield.com — Cisco Umbrella Rank: 3665
947 B
3 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 29065
b1sync.zemanta.com — Cisco Umbrella Rank: 568
606 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1785
mp.4dex.io — Cisco Umbrella Rank: 2010
24 KB
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 10943
flint.defybrick.com — Cisco Umbrella Rank: 10241
20 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
195 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 714
syndication.twitter.com — Cisco Umbrella Rank: 995
133 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1317
mab.chartbeat.com — Cisco Umbrella Rank: 2270
27 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 563
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com — Cisco Umbrella Rank: 1381
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3911
1 KB
2 gstatic.com
fonts.gstatic.com
91 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 826
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1578
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
r.turn.com — Cisco Umbrella Rank: 3229
869 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4933
647 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 660
727 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 549
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
746 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
138 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
340 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6558
321 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2111
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
707 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1048
576 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
177 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3005
104 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
1011 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
5 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
191 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 752
707 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
277 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4209
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
18 KB
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
5 KB
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2351
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 80677
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 105805
242 KB
519 78
Domain Requested by
50 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
www.walla.co.il
37 www.walla.co.il www.walla.co.il
33 tpc.googlesyndication.com 3 redirects 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
28 pagead2.googlesyndication.com 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.walla.co.il
securepubads.g.doubleclick.net
23 static.criteo.net ads.eu.criteo.com
cdn.valuad.cloud
static.criteo.net
21 dt.adsafeprotected.com 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
www.walla.co.il
20 s0.2mdn.net www.walla.co.il
s0.2mdn.net
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
secure-ds.serving-sys.com
17 pix.eu.criteo.net ads.eu.criteo.com
16 images.wcdn.co.il www.walla.co.il
14 csync.smilewanted.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
14 ib.adnxs.com 4 redirects cdn.valuad.cloud
csync.smilewanted.com
googleads.g.doubleclick.net
acdn.adnxs.com
13 secure-ds.serving-sys.com bs.serving-sys.com
secure-ds.serving-sys.com
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
11 log.outbrainimg.com widgets.outbrain.com
11 securepubads.g.doubleclick.net 3 redirects www.googletagservices.com
www.walla.co.il
securepubads.g.doubleclick.net
10 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8 www.google.com www.walla.co.il
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 prg.smartadserver.com cdn.valuad.cloud
7 googleads.g.doubleclick.net www.googleadservices.com
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
www.walla.co.il
7 mabping.chartbeat.net www.walla.co.il
7 www.googletagservices.com www.walla.co.il
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
6 csm.eu.criteo.net ads.eu.criteo.com
6 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
6 pixel.rubiconproject.com 2 redirects csync.smilewanted.com
6 onetag-sys.com 2 redirects cdn.valuad.cloud
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
6 widgets.outbrain.com www.walla.co.il
widgets.outbrain.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 x.bidswitch.net 5 redirects
5 eb2.3lift.com 4 redirects cdn.valuad.cloud
5 odb.outbrain.com widgets.outbrain.com
4 token.rubiconproject.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 googleads4.g.doubleclick.net www.walla.co.il
4 static.adsafeprotected.com pixel.adsafeprotected.com
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
4 c1.adform.net 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 sync.mathtag.com 4 redirects
4 pixel.adsafeprotected.com 1 redirects 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 sync.smartadserver.com 2 redirects csync.smilewanted.com
4 fastlane.rubiconproject.com cdn.valuad.cloud
4 prebid.smilewanted.com cdn.valuad.cloud
4 ads.pubmatic.com cdn.valuad.cloud
csync.smilewanted.com
4 www.facebook.com www.walla.co.il
4 khn.crowdad.io d2r08ja41ypc0t.cloudfront.net
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
3 aax-eu.amazon-adsystem.com 2 redirects
3 mug.criteo.com
3 match.adsrvr.org 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
3 cat.nl.eu.criteo.com ads.eu.criteo.com
3 sync.teads.tv googleads.g.doubleclick.net
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
3 s.ad.smaato.net 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
3 ads.eu.criteo.com 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
3 rtb.nl.eu.criteo.com www.walla.co.il
3 bs.serving-sys.com 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
secure-ds.serving-sys.com
3 mv.outbrain.com widgets.outbrain.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 sync.search.spotxchange.com 2 redirects
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 acdn.adnxs.com cdn.valuad.cloud
2 ad.doubleclick.net 1 redirects 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
2 lm.serving-sys.com secure-ds.serving-sys.com
2 sync.1rx.io 2 redirects
2 ads.creative-serving.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 dsp.adfarm1.adition.com 2 redirects
2 um.simpli.fi 2 redirects
2 pm.w55c.net 2 redirects
2 ssbsync.smartadserver.com 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
2 d5p.de17a.com 2 redirects
2 us-u.openx.net googleads.g.doubleclick.net
2 secure.adnxs.com 2 redirects
2 rtb.openx.net 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
2 ice.360yield.com 2 redirects
2 sync-eu.connectad.io cdn.connectad.io
2 cdn.connectad.io csync.smilewanted.com
2 creativecdn.com 2 redirects
2 match.sharethrough.com csync.smilewanted.com
2 static.smilewanted.com csync.smilewanted.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 b1h-euc1.zemanta.com cdn.valuad.cloud
2 ap.lijit.com cdn.valuad.cloud
2 u.openx.net cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 mcdp-nydc1.outbrain.com widgets.outbrain.com
2 www.google.de www.walla.co.il
2 flint.defybrick.com rock.defybrick.com
www.walla.co.il
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.walla.co.il
2 platform.twitter.com www.walla.co.il
platform.twitter.com
2 static.chartbeat.com www.walla.co.il
1 csync.loopme.me 1 redirects
1 b1sync.zemanta.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 px.ads.linkedin.com
1 js-sec.indexww.com cdn.valuad.cloud
1 sync.targeting.unrulymedia.com 1 redirects
1 sync-tm.everesttech.net 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
1 dclk-match.dotomi.com 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
1 s.tribalfusion.com 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 fonts.googleapis.com cdnjs.cloudflare.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 match.360yield.com 1 redirects
1 r.turn.com 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
1 ads.stickyadstv.com 1 redirects
1 bidder.criteo.com cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 prebid.a-mo.net cdn.valuad.cloud
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 htlb.casalemedia.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 stats.g.doubleclick.net www.google-analytics.com
1 ledger.crowdad.io www.walla.co.il
1 rock.defybrick.com widgets.outbrain.com
1 syndication.twitter.com platform.twitter.com
1 widget-pixels.outbrain.com www.walla.co.il
1 tcheck.outbrainimg.com widgets.outbrain.com
1 www.googleadservices.com www.googletagmanager.com
1 d2r08ja41ypc0t.cloudfront.net cf.dxmcdn.com
1 cdn.permutive.com cf.dxmcdn.com
1 ping.chartbeat.net www.walla.co.il
1 mab.chartbeat.com static.chartbeat.com
1 cf.dxmcdn.com www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
1 img.wcdn.co.il www.walla.co.il
519 135

This site contains links to these domains. Also see Links.

Domain
weather.walla.co.il
mail.walla.co.il
fantasy-sport1.walla.co.il
news.walla.co.il
elections.walla.co.il
sports.walla.co.il
finance.walla.co.il
e.walla.co.il
celebs.walla.co.il
food.walla.co.il
fashion.walla.co.il
healthy.walla.co.il
travel.walla.co.il
tech.walla.co.il
cars.walla.co.il
www.sheee.co.il
nadlan.walla.co.il
www.wallashops.co.il
www.drushim.co.il
www.yad2.co.il
b.walla.co.il
marketing.walla.co.il
mekomi.walla.co.il
home.walla.co.il
horoscope.walla.co.il
gaming.walla.co.il
fun.walla.co.il
judaism.walla.co.il
law.walla.co.il
mazaltov.walla.co.il
now.walla.co.il
calendar.walla.co.il
tv-guide.walla.co.il
walla.co.il
www.b144.co.il
tld.walla.co.il
beauty.walla.co.il
perfectmatch.walla.co.il
mumlazim.walla.co.il
b144.walla.co.il
yoram.walla.co.il
career.walla.co.il
paisculture.walla.co.il
tmirecycle.walla.co.il
starkist.walla.co.il
dogsandcats.walla.co.il
galil.walla.co.il
yarokkl.walla.co.il
www.wallatours.co.il
www.wallaprint.co.il
vod.walla.co.il
viva.walla.co.il
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com
help.walla.co.il
dcx.walla.co.il
apps.walla.co.il
bit.ly
www.outbrain.com
sport1.maariv.co.il
hazihinam.walla.co.il
experis.co.il
www.manpower.co.il
jobs.experis.co.il
havazingboimworld.walla.co.il
www.enaim.co.il
dominos.walla.co.il
www.seolinks.co.il
hayoetzet.co.il
www.leumi.co.il
www.sugat.com
m.onelink.me
pricelist.yad2.co.il
www.oref.org.il
bama.bio
www.maariv.co.il
www.hamal.co.il
Subject Issuer Validity Valid
*.walla.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.wcdn.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
valuad.cloud
E1		 2022-08-31 -
2022-11-29		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-29 -
2022-09-27		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
rock.defybrick.com
Amazon		 2022-05-09 -
2023-06-07		 a year crt.sh
crowdad.io
Amazon		 2021-10-28 -
2022-11-26		 a year crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-17 -
2022-11-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
bs.serving-sys.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh

This page contains 72 frames:

Primary Page: https://www.walla.co.il/
Frame ID: B5A0F7F589E762132C338706825693AD
Requests: 174 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: 8052FE2E7210C2840BE52DA58AB1E328
Requests: 2 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 23E8A327F798D32B3DA1FD273D0151CF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E4F016D85CF20AFCBAA86EE213C62C3B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 0CA9FBF75DC872905C40DC71C2DE2CF4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/36d5578ba0396e88eb3e7c78a99ebaa
Frame ID: 5DC14D050984B353927A32F24C5B3F2F
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 9006ADC63D21869F15842994E34A4535
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/vtvF2gBaSkXNS7JK2MYo?pi=smilewanted&tc=1
Frame ID: F480B1758C37E55AE8A1612560E835F0
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
Frame ID: BFA019015036A5DF15ACDCE479961DD1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: FCE7CD3DE1810DE10AAFC70ED2BD8FE1
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 0451943F3D8338AEBE22BFF3CC3453FC
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 8E4A72FA140DBC66B949EF8839F61B89
Requests: 1 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25D8CA8ADD7C720E7C41114303AE8E57
Requests: 47 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4DA8C591CA7C06B6B6CD46D20C05B6CC
Requests: 10 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 01778F31C0AA828DAC6035D93835056A
Requests: 4 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A3E1DF3F4FF14B388261E2E5D2245EEE
Requests: 4 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA7F4E25787FF196A15AFBA09E4F9798
Requests: 4 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6704AFE5B6D74DFB144C67B113924EBB
Requests: 16 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D1A0D96CFEDAEC8C7BFAC0C3FAD6792A
Requests: 9 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60C5838CFE3EF659DB7F1D5A5F99CF20
Requests: 14 HTTP requests in this frame

Frame: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 98D8FEDEDF3832C69CFF563F62C47620
Requests: 8 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/58aaaaf6-953a-40c4-b830-55a53ea376a1&partner_id=1010
Frame ID: 7E6FE83B5BDA1492B99F071AD1166F6F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 14E4091A67404731C7EAC9C38F55CA9E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 88DDCAEF47F9A4074642DFE14CE0D97E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3886B2741828DBBA64F1455FF5703C16
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yym0CzpmFmunT9UL8.e-.AAA%261181
Frame ID: D1551AA58921A1DCBA4248E0FFB377D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCw62oYtpWg0gEwAQ&v=APEucNVEmTZj4RdMcz8GbpMvVNPvKulPJ41Yq1zuja_7gBJ32crHcxZjekoINkwLzlkJNBW-TG2yBVV7A0PukceDFsp9tVlEojgwf4UPvwmkr5RKV9OK0mG8KWoCPlJulHXJjH-NGpLIAQZ5qiYZsnpxosmCaDMtWTxsehBprmpL4ip2xTpObcE
Frame ID: C009503CF310B790E2A223E69AEAB1E7
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 7FA14C8469FF7D40FEF59C5E5E7ACE1B
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CED2FEE7CC3539C62394C90EFE6491F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj31JHSATAB&v=APEucNWgRks_7xQtf3FOClJfT4ztpfk-Sb0CqgryWsI6lsx-M6jrfuQMQPpyPmeoxqZGojqysrS6TLxPpi15J-pFl7YXDkNV2wXfRcjSikYV7f0ap0NGF-t8vB_JkyGFunz82VOzPqmzPZSZBLx9LiFPeqNxSuB8kMa7f6g7Fuzg_WF1yPPgiws
Frame ID: 2C3AD99A8B11A60BE337A76F3036D44E
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: D2E8C7CDD4141782BED2EED22FC4D430
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 70EE70E642E16559CF9A3B37325CBF6B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhju05HSATAB&v=APEucNUw9rRDgGwDKflMM5DBMvoPv3iCPTBFOhO0dFGEA7X9iHzXH__Q3BshQSc48HVvLFyLqbwlMnpx3HFK3-Nt7FolUgHps_b3EEshfCNt_opqZCPbxxgt6QitmtsZEoqI5D0h2nWRVJmjOXr4K2poAYVr3lVxQiN_EDKmCWxjVYwL2a7bGxw
Frame ID: 46E3FE76821353D05796F2A7E7BB2A3B
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: A8014F7FF58466FBFA2B63B5279ED21B
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB510E7557323E833092C08F570125DF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A07C29F92248BAC46C046D846964679A
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
Frame ID: F1C17CBFC540CCBDD66F63075684EB5E
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/index.html
Frame ID: 0F89A5FD15C6323D2357DB5479AA9945
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 76A6F3934096B2B3AF2272ABEB27AC0D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D4422420329F3403774C91DA9917469D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B0483DB2A160FD3B3945A92613FCE17
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 353DBB389D99C11434CC4A653406C254
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 8DCF200B4C1EE81DE0063B59077F6FF0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 97801EC943BC7AA9741A6CC81C4CB643
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A3BDDFA22751959857438C6E9AD29437
Requests: 3 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: CAEB9181EA207D0FDE2EEAAA1BF1B468
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: E0734A1237706F2BDC41CAAC71F7D92B
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: AD2E9A789B1E1E5DB8F28D633B9DAAE7
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663677451078
Frame ID: 84AD9E1EDADAD58456D7226E2022EBC7
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13421168
Frame ID: 5E054AD763CD288732260871734AFFB0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 8133F3018A701960DBAEDEFCC1205181
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4CDE284B0ABA0591F70DEAE99A8AB4F0
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2E5A80BD18EEA1048A660FD2B3E7F129
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6E282E65B58D55F32C909F97EC4119E1
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5C1D0935AB8D96D08D4B557621C30862
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 355677AE0CBD7BB20516E52EB75E2CA6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0661472D55FB72260838F64FDEF51213
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15EA3AD99C72B861722BF70DCBE95861
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8FD65CD034CCFDB365BC6A3A1AAF6BA
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 12EC006AA7F9AE247934497C71F0E4E3
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 62B16F5C7E0D86DE2FBF068B3D82AFBD
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: A153C1BC1DFE9BDC464AAE51D6150405
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
Frame ID: 9FAF4F54654E54C1891B401C31E2A0AE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 6671D714FEBBD050F3D995AF048FAB72
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 7D1EB2B27297F4B5720441C1F63A88B2
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 10503002889DB69ECF1F2BB8085C7808
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: A0CB85501AC4E8654883FC7FD36C68DE
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 701DF02A50DDA981C718F41718159809
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/00b6bc83-38e1-11ed-9e71-10b91cd50306
Frame ID: 26B0C8BC77D3D13C0330802715C461A4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: D650A8B4E6440F1535AB2A72D83BC064
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/e3db4219-e47b-4f79-9f2d-a21f1cf07a4e?gdpr_consent=null&gdpr=0
Frame ID: 35B4DB8B51E33A5F12890B0E231EF55F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-aQIFYANE2uF58HjM9z7vbSVQ_IJEp3gnOgwxl3U-~A&gdpr=0&gdpr_consent=
Frame ID: 7DDBEDBBCEF4BF668D11CFE94CF39A1F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! - האתר המוביל בישראל - עדכונים מסביב לשעון

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

519
Requests

88 %
HTTPS

38 %
IPv6

78
Domains

135
Subdomains

103
IPs

12
Countries

5420 kB
Transfer

13106 kB
Size

70
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=65efd454-16e0-4346-8acd-2851214758e0&adnxsUserId=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D65efd454-16e0-4346-8acd-2851214758e0%26adnxsUserId%3D%24UID HTTP 302
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=65efd454-16e0-4346-8acd-2851214758e0&adnxsUserId=1972190678536387543
Request Chain 159
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/36d5578ba0396e88eb3e7c78a99ebaa
Request Chain 161
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/vtvF2gBaSkXNS7JK2MYo?pi=smilewanted&tc=1
Request Chain 164
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
Request Chain 169
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 180
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/58aaaaf6-953a-40c4-b830-55a53ea376a1&partner_id=1010
Request Chain 184
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yym0CzpmFmunT9UL8.e-.AAA%261181
Request Chain 186
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvW2CSWD7tm7Hm_Ulg9DtZV4xcfZvcT_qylL_nvAR99zGkz22Tg82LxmXPaD0rT95eE3pz105N3_ueWS9pSv0k6DkuD9W9pJpEQYGi8kVOCYQE-NlCnrw8_-0tBv3KxJ1IDgSfeM9eWVj_XnUHGBEIpcMadn_PPPxaRJLN4e7T62xOVumx4XnWekWh0I9JtAEoiwV4htaqdG1BTgBDLCjeJo3UtuvjNf6Vb46Vmdhu6hkevX36f9BCpp2Ef5s-AlAsjfUhfYciEqoc7bCCJsqljxeg-ju42Bj35j_oMnHCJGwJbvlJaE3FhZEWqBWDYJPxzl6XxZ67PqnaPRSg%26sai%3DAMfl-YRjkoji6zRoTR2MUrY3HfgxnT1DMs6-f1-_hDLOod4nD33f-ZmHbukbk4GZDyFOuFpGr8Ew4NPlzpFkAQIYpQ_AzSPcH7xlYA9GC_k8dAXji5sZB5NL9rvsgB_g9NY%26sig%3DCg0ArKJSzEHJz2lyvqpfEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 188
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjst0icFiANSczdqhCBRN5mKXnrFeF_7lAKaZcEKT188Cbc4oI61bL_eHL4HGHuSJxVzZPOlPhGarNCqvl5y_toe3KQxINm3uckkBmxJwJ66_NlfUoRPPchjWXkdT2I1Ejav25sRi26TpZYmbXx754DcLO7zB8eWFh32LtBCGhzcKCRR1eks4452XDP9pXVh-Bt5O0VJcHb6-8-q6-uhWSsvRp31IWE39zyY5J1elPkBcMSwhM_aldO6CvWYL4MZdDMmrNyZc78hw8FfIU5Xqhc7vaSPwAylFEAK3TktBk4UWOuAlzRvSXkEauG1qBpZPhYL9nwkbGTWRnU1C651j%26sai%3DAMfl-YSFMAHHwBXPr4sfjaYtb_bdsAwS2zhd4mVMPpm4Z8hqQeiRXiLiosqf34m9p8EwGKkL0DJKPenA26jWpm9uq3-5OsoFNTJWbqHIhC2LK-t5LNAEx49uMoaGIAOAPfU%26sig%3DCg0ArKJSzIpNQhiSB-GJEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 190
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsujg6ahlM8FQtjToxBEStiEt6svBvmiQV4Uayvnjsli9ThbEAYwABW0mFY3zqa77zM4G_EIh7f6i92P9W5uU_41VP2MAoomgaovs96eGxKHTvHcJhz6nAkDUW0iBMDcrj2BOlga86CWD8fB5DHWvt4jxO96_l9RFa0T-aMUCoq9R208qj_9wjpqzjxPIY3ztBHw9VpS1l-8DQD1PK17Nrqcn-NB5xO73WPFXkq86rTE5YZ9Mfu3EEjPugkN1b_kUNlCJxgx5kaH1AzPfoxEljJRxZkx6EMXc7g92d1nrm1y-gHSV53kdOi-WKgElNrh2eb2SCakugBblJUFQbI%26sai%3DAMfl-YR2JP4jowqcxjzBt9e1w5VCxZcg6BL4aXp3HunLrJl3750V_Hy2g6P8HZ3hVvYHM7QvZ6JnDZY9F7SlthtNj6XLap81XUnGGfDaD_R4tjr-BwsWcd5-7pXutEXw66Y%26sig%3DCg0ArKJSzLqN__7pcdXWEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1
Request Chain 250
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym0CzpmFmunT9UL8.e-.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1&google_hm=2
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKfyYe2156tKDT4o8OFL_R8&google_cver=1
Request Chain 252
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1
Request Chain 254
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym0CzpmFmunT9UL8.e-.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1&google_hm=2
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKfyYe2156tKDT4o8OFL_R8&google_cver=1
Request Chain 256
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJc5PeGVuIViLx-rfl536tk&google_cver=1&google_push=AZmPxg_P8ansv3-nvZl658LCoNiBRuYgttZvrBiuvImKLR3IrAXRy4az0TBZ6_QjHVUSWEmcdYvtKemkjWgP69pbTiNT3uKzGd0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_P8ansv3-nvZl658LCoNiBRuYgttZvrBiuvImKLR3IrAXRy4az0TBZ6_QjHVUSWEmcdYvtKemkjWgP69pbTiNT3uKzGd0
Request Chain 265
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAmRiGayyJKX33m8w0_N6Kk&google_cver=1&google_push=AZmPxg9EJu5kh06wPKUh-vO_uNpRa9UzsOOJIq2FsfUkLuxN9m80xrcHTlnwPs8iNUSKLWr8WvTHMs0gXaFRWZcf2E_jL5X7cn0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9EJu5kh06wPKUh-vO_uNpRa9UzsOOJIq2FsfUkLuxN9m80xrcHTlnwPs8iNUSKLWr8WvTHMs0gXaFRWZcf2E_jL5X7cn0
Request Chain 266
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO54ey0oMTWf8tUEtf3890s&google_cver=1&google_push=AZmPxg9JTU8TFCk1IQp8scn1P1LSAwLpwpsFQ1-tppxepokSYO51sCcfZ_R1u097KDgBnaswcDdpvP91_n2lt-NZEEG4TeP1KR2N HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9JTU8TFCk1IQp8scn1P1LSAwLpwpsFQ1-tppxepokSYO51sCcfZ_R1u097KDgBnaswcDdpvP91_n2lt-NZEEG4TeP1KR2N&google_gid=CAESEO54ey0oMTWf8tUEtf3890s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg9JTU8TFCk1IQp8scn1P1LSAwLpwpsFQ1-tppxepokSYO51sCcfZ_R1u097KDgBnaswcDdpvP91_n2lt-NZEEG4TeP1KR2N
Request Chain 267
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHkMmGhi3y0vvriLk8HuJC4&google_cver=1&google_push=AZmPxg8CNQnRO3THGFoV6xBeF40iNm0YhTZORudD0tEOmPLsuDG0N6KreuEzkQvO5a7auYNm-_WVgHOcD3SZQ4DDVnFX2zV9hDt7 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHkMmGhi3y0vvriLk8HuJC4&google_cver=1&google_push=AZmPxg8CNQnRO3THGFoV6xBeF40iNm0YhTZORudD0tEOmPLsuDG0N6KreuEzkQvO5a7auYNm-_WVgHOcD3SZQ4DDVnFX2zV9hDt7&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RMG0uQmV4RTJ1RU5Pb09odTQ2czZ3RmdwemRwcHZTcn5B&google_push=AZmPxg8CNQnRO3THGFoV6xBeF40iNm0YhTZORudD0tEOmPLsuDG0N6KreuEzkQvO5a7auYNm-_WVgHOcD3SZQ4DDVnFX2zV9hDt7
Request Chain 268
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDRFTULq7x__XsgPARv98J0&google_cver=1&google_push=AZmPxg-zXCtIu0Ox_tjspqedsYuTJsXHWQ0KvHByor2m0sbhu7gFzZGs5yCY8wXAaqa7UG7fH_kOJWpOH8Yf65hTZKgQid3TFo3BsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D&google_gid=CAESEDRFTULq7x__XsgPARv98J0&google_cver=1&google_push=AZmPxg-zXCtIu0Ox_tjspqedsYuTJsXHWQ0KvHByor2m0sbhu7gFzZGs5yCY8wXAaqa7UG7fH_kOJWpOH8Yf65hTZKgQid3TFo3BsQ
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2EzxP-Zyn6PK6gljSGg6M&google_cver=1
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESENtRhsT-s-FzwssLg6P4EJo&google_cver=1
Request Chain 277
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhH6-6W_lGjG0vdCcyoyms&google_cver=1&google_push=AZmPxg_TaYPZObzWWwb9sVQr7jkcaQNwIyNRiaow_FVsdBU9II58hbFeHAPetdcAyKBuHRCG3L3ej2jKB_nV5zMplABVBa-2iZsv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_TaYPZObzWWwb9sVQr7jkcaQNwIyNRiaow_FVsdBU9II58hbFeHAPetdcAyKBuHRCG3L3ej2jKB_nV5zMplABVBa-2iZsv&google_hm=MzU0MDI2MTczMTMzOTM3OTQ0Nw%3D%3D
Request Chain 278
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBIfaVhLsLL7i8RrMPTvidQ&google_cver=1&google_push=AZmPxg_S92nCMXe-IV8DYlWJ7dgqq_9b9XUPM5vzw2oN1SMSO23i6PEvOTktdixmEg1FVyIFqPBVJWo891T8n9RxceGTzGV5VuA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBIfaVhLsLL7i8RrMPTvidQ&google_cver=1&google_push=AZmPxg_S92nCMXe-IV8DYlWJ7dgqq_9b9XUPM5vzw2oN1SMSO23i6PEvOTktdixmEg1FVyIFqPBVJWo891T8n9RxceGTzGV5VuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg_S92nCMXe-IV8DYlWJ7dgqq_9b9XUPM5vzw2oN1SMSO23i6PEvOTktdixmEg1FVyIFqPBVJWo891T8n9RxceGTzGV5VuA
Request Chain 279
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEDi5KyLwftRbBHOHFb2FQ0&google_cver=1&google_push=AZmPxg_x3o5JWD049YMLoEektTKfTmWUn2Ucm-WkoXYkIQCU5Xp5nBcLsC7CrKZVw-o9xD2N6NEyz2_8Fkp6n2kRJudd6047ojGn HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEDi5KyLwftRbBHOHFb2FQ0&google_cver=1&google_push=AZmPxg_x3o5JWD049YMLoEektTKfTmWUn2Ucm-WkoXYkIQCU5Xp5nBcLsC7CrKZVw-o9xD2N6NEyz2_8Fkp6n2kRJudd6047ojGn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_x3o5JWD049YMLoEektTKfTmWUn2Ucm-WkoXYkIQCU5Xp5nBcLsC7CrKZVw-o9xD2N6NEyz2_8Fkp6n2kRJudd6047ojGn
Request Chain 280
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAcEhMqLXXIftd05mSw8MRA&google_cver=1&google_push=AZmPxg9ug0aoohY4XlIRDqxmAJceMtuJtj_5SC4Q7qHIVD2h0TCgAtm2mQSuW5NZ5LivmbJSzmHvUIGPShZ3OTK-QYAsexLZJ_o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg9ug0aoohY4XlIRDqxmAJceMtuJtj_5SC4Q7qHIVD2h0TCgAtm2mQSuW5NZ5LivmbJSzmHvUIGPShZ3OTK-QYAsexLZJ_o
Request Chain 282
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBVSsr4va8rM1iu1MzpJLSk&google_cver=1&google_push=AZmPxg9evr13AEmASielOSynB3AvjCbO5_dF1htltjg20E8U1Krq0suozpBgTguzAPZND79YYPLk4_jj2Wa3G8Y9HOuy4qAZofVC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg9evr13AEmASielOSynB3AvjCbO5_dF1htltjg20E8U1Krq0suozpBgTguzAPZND79YYPLk4_jj2Wa3G8Y9HOuy4qAZofVC HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 290
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFP2b1Qo9cXSYcbHsYaQv54&google_cver=1&google_push=AZmPxg84a5kKm6uuW3JTT_lF580CGYQQOCRDdP3RHRITBwX3iSu3OXHoAcb66Kjt83LbUPSWuoySBgoAMabebU08_OkisfeREg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ5NjA2NzI4MTcyOTQ3MzIwOQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFP2b1Qo9cXSYcbHsYaQv54&google_cver=1
Request Chain 291
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPET0DHPZKLtq67roMfRZPA&google_cver=1&google_push=AZmPxg8wrgv-oQPJvnL43U5kC_caPqW-luyXAjR0ExzNIuTpS8sTskzLcMTczdZUULtrx5AIv6qJw9r3k9NyF0fWHh9H1_OOjqk HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPET0DHPZKLtq67roMfRZPA&google_cver=1&google_push=AZmPxg8wrgv-oQPJvnL43U5kC_caPqW-luyXAjR0ExzNIuTpS8sTskzLcMTczdZUULtrx5AIv6qJw9r3k9NyF0fWHh9H1_OOjqk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NkNod0R6MWUxT0FDdmk1&google_gid=CAESEPET0DHPZKLtq67roMfRZPA&google_cver=1&google_push=AZmPxg8wrgv-oQPJvnL43U5kC_caPqW-luyXAjR0ExzNIuTpS8sTskzLcMTczdZUULtrx5AIv6qJw9r3k9NyF0fWHh9H1_OOjqk
Request Chain 292
  • https://um.simpli.fi/gp_match?google_gid=CAESECHnYw4Pvyl9w0ZwT0ui8Sc&google_cver=1&google_push=AZmPxg9PdQuLVzDz-RQ_3RqdPQqp9vhs0JO4x3_pJbcsuzrr7v3C-iS0OzW8oXkFnSo3L8OV4H-qqJrLcq6ISjQf5Lkz0oHmpg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30805A5E815B43ECABF9F504ED92B27B&google_push=AZmPxg9PdQuLVzDz-RQ_3RqdPQqp9vhs0JO4x3_pJbcsuzrr7v3C-iS0OzW8oXkFnSo3L8OV4H-qqJrLcq6ISjQf5Lkz0oHmpg
Request Chain 293
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECGVFMJim-2EBr1X274eDZU&google_cver=1&google_push=AZmPxg86noOzhSfPOnOWll1AiXzk07Kpm-FX_HmIQL_Y1jtPWOP7CmimJE7wZ05ZgWu_U_v3t6LAv84s_OrzA3oV9DeB59U9Eg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MDI0NzQ0MjM3Mjc0OA%3D%3D&google_push=AZmPxg86noOzhSfPOnOWll1AiXzk07Kpm-FX_HmIQL_Y1jtPWOP7CmimJE7wZ05ZgWu_U_v3t6LAv84s_OrzA3oV9DeB59U9Eg
Request Chain 294
  • https://match.360yield.com/match/ebda?google_gid=CAESEABvWRq04yWpLeymkdsxGJI&google_cver=1&google_push=AZmPxg-JrWl78taBuOI5R52Mob7RyctA5uyNcRrME0Z2WPpgKCHjenS0zQ_J1o15jIqUtd8xKyIxuVRkhgLLdl40jr7pzxs0x5c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WKqq9pU6QMS4MFWlPqN2oQ&google_push=AZmPxg-JrWl78taBuOI5R52Mob7RyctA5uyNcRrME0Z2WPpgKCHjenS0zQ_J1o15jIqUtd8xKyIxuVRkhgLLdl40jr7pzxs0x5c
Request Chain 296
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBVSsr4va8rM1iu1MzpJLSk&google_cver=1&google_push=AZmPxg8yKu8QMKtd831fc-WaXKS3ifCmxLodkr28dvhcZX9biHS6zPFDsRqve_zFWOB5sKNTkYGrOWlJJIqKi8kMf4NjuGfG8tYP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8yKu8QMKtd831fc-WaXKS3ifCmxLodkr28dvhcZX9biHS6zPFDsRqve_zFWOB5sKNTkYGrOWlJJIqKi8kMf4NjuGfG8tYP HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 363
  • https://pixel.adsafeprotected.com/rfw/st/1153208/65390207/skeleton.js?adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ad2b216a-7bcb-a4b2-5410-9e33870c5c07,c:oL2q8G,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c95fbbff-tk99b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:490,mot:0,app:0,maw:0,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,tt:rjss,et:530,oid:fefc70f9-38e0-11ed-a654-4a4e102e2a9b,v:19.8.352,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 379
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJc5PeGVuIViLx-rfl536tk&google_cver=1&google_push=AZmPxg9_qIHcDoq5X2Jwly5TAVnC3WjBldS9Sp08_6lKmSttYZvvvoJ81nHKNTTTuDMDu_KxmNn5NfVaCwtpECWD6tZ5y65R_T4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg9_qIHcDoq5X2Jwly5TAVnC3WjBldS9Sp08_6lKmSttYZvvvoJ81nHKNTTTuDMDu_KxmNn5NfVaCwtpECWD6tZ5y65R_T4
Request Chain 380
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBr4lk8LkjC7hJKsR569HDo&google_cver=1&google_push=AZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBr4lk8LkjC7hJKsR569HDo&google_cver=1&google_push=AZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 381
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOONSTMohJWUhkhBwPijwgw&google_cver=1&google_push=AZmPxg-s0xQxT7hPjkSB6zCKTA8slH5u4OUc-AZOjxO5wLnMOtCxMBKdKZokG-8uX9GXj8VaMtC77cm9w21kSaFkSLkjv850SPo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MDI0NzQ0MjM3Mjc0OA%3D%3D&google_push=AZmPxg-s0xQxT7hPjkSB6zCKTA8slH5u4OUc-AZOjxO5wLnMOtCxMBKdKZokG-8uX9GXj8VaMtC77cm9w21kSaFkSLkjv850SPo
Request Chain 382
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA6nuKaHNZTk_m3FuWf065Y&google_cver=1&google_push=AZmPxg-2XkMlqVXJt0dbgo1GYadjKcYKTgDQwSrs-O6SirrB7YHgsjTW2F4CjhMBbUzfY5qXjRiegSF2_5bKCKvMNL2g7GpG-rM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-2XkMlqVXJt0dbgo1GYadjKcYKTgDQwSrs-O6SirrB7YHgsjTW2F4CjhMBbUzfY5qXjRiegSF2_5bKCKvMNL2g7GpG-rM&google_hm=MzU0MDI2MTczMTMzOTM3OTQ0Nw%3D%3D
Request Chain 383
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELIE3KIgcefMqfNGTZenT5c&google_cver=1&google_push=AZmPxg9bYRp7ZERv6tpcHNZEUXLFk7p-vwSi9k32j5erbCdAVrpi9GuXGG0Olda44bdHberfoQ01Vzmr0B47Dy7tnDv28CaeRvk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg9bYRp7ZERv6tpcHNZEUXLFk7p-vwSi9k32j5erbCdAVrpi9GuXGG0Olda44bdHberfoQ01Vzmr0B47Dy7tnDv28CaeRvk
Request Chain 392
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH66xgc1-KIxZTrCuZBzg_Q&google_cver=1&google_push=AZmPxg_hPvRzaB5-9QPzSHvdrsvPTSgN_MP9Wi73B4xG31HAfkR5J-IJQoaDYFjmHurraunhuJqV60WvvzbG3t9b6NEjruGeaPvi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg_hPvRzaB5-9QPzSHvdrsvPTSgN_MP9Wi73B4xG31HAfkR5J-IJQoaDYFjmHurraunhuJqV60WvvzbG3t9b6NEjruGeaPvi
Request Chain 394
  • https://um.simpli.fi/gp_match?google_gid=CAESECHnYw4Pvyl9w0ZwT0ui8Sc&google_cver=1&google_push=AZmPxg-IGq0p9fp5KZF3KK-6-3QL8faOfRtUQK_1b3SKcU0T8Laz6hPK7-LubF21m-nhDOEJmzKdeRRPXXUpWoLt7T8Jd5JZv4VLbw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30805A5E815B43ECABF9F504ED92B27B&google_push=AZmPxg-IGq0p9fp5KZF3KK-6-3QL8faOfRtUQK_1b3SKcU0T8Laz6hPK7-LubF21m-nhDOEJmzKdeRRPXXUpWoLt7T8Jd5JZv4VLbw
Request Chain 395
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhH6-6W_lGjG0vdCcyoyms&google_cver=1&google_push=AZmPxg-3LUdUnI5FXh5niZ5olbclRIhWfclFqCLJU2Lbq-65UFk_euRoOnw9XkQRXl9E21J_eDpoOlT6FzBNj96mP-pytUPJIpgxSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-3LUdUnI5FXh5niZ5olbclRIhWfclFqCLJU2Lbq-65UFk_euRoOnw9XkQRXl9E21J_eDpoOlT6FzBNj96mP-pytUPJIpgxSQ&google_hm=MzU0MDI2MTczMTMzOTM3OTQ0Nw%3D%3D
Request Chain 396
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEE-k0F6wqaSGoWnpGawnt5A&google_cver=1&google_push=AZmPxg9dFb18wAoAbBaE-xer8xZdF9oi7O8lm3g52EmYYGs98lzJJJ2zsQ7m9HQMA9yu6y9bsy1KGcZPs3fYVgQVLpnkpPnPuns9aw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9dFb18wAoAbBaE-xer8xZdF9oi7O8lm3g52EmYYGs98lzJJJ2zsQ7m9HQMA9yu6y9bsy1KGcZPs3fYVgQVLpnkpPnPuns9aw
Request Chain 397
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAcEhMqLXXIftd05mSw8MRA&google_cver=1&google_push=AZmPxg-p6YK0DBEv0nG90U9unzrsEhSrmZFLKqZLPX7SPm3bacESmHAAnUUQJjED7FsMHDeK3gEsOm4sqFY7fiHBfwAD0mG_TvIrmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg-p6YK0DBEv0nG90U9unzrsEhSrmZFLKqZLPX7SPm3bacESmHAAnUUQJjED7FsMHDeK3gEsOm4sqFY7fiHBfwAD0mG_TvIrmg
Request Chain 400
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH66xgc1-KIxZTrCuZBzg_Q&google_cver=1&google_push=AZmPxg811sdfbTW280zvRS5F9mJXtxnGiTOqehWWwacmIw8DCJoU-iabaQWwEN69RqpOCtX-8eI_lQO5QrIiT-rXvPWkSIhJuj-zjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg811sdfbTW280zvRS5F9mJXtxnGiTOqehWWwacmIw8DCJoU-iabaQWwEN69RqpOCtX-8eI_lQO5QrIiT-rXvPWkSIhJuj-zjw
Request Chain 402
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECbVRDjzmOegUva2O1SGhcc&google_cver=1&google_push=AZmPxg_r74K4LoplksguD3Slg1Up1xCjzXp3ARpgxZKoaw_fTYMi-DlU6FXNqSEBJWE_gx-cyKPv4qmoxAs1hixJ7nw9pqk3piTd_g HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECbVRDjzmOegUva2O1SGhcc&google_cver=1&google_push=AZmPxg_r74K4LoplksguD3Slg1Up1xCjzXp3ARpgxZKoaw_fTYMi-DlU6FXNqSEBJWE_gx-cyKPv4qmoxAs1hixJ7nw9pqk3piTd_g HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=2c0cad57-818b-415f-a59c-7ba35dc0bf18&ssp=google&expires=30&user_group=5&bsw_param=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_r74K4LoplksguD3Slg1Up1xCjzXp3ARpgxZKoaw_fTYMi-DlU6FXNqSEBJWE_gx-cyKPv4qmoxAs1hixJ7nw9pqk3piTd_g&google_hm=S01A7jt7RcuN1PY7WjHmpQ==
Request Chain 403
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBIfaVhLsLL7i8RrMPTvidQ&google_cver=1&google_push=AZmPxg_cATO6bBZRKomU29MuCEfFr7epu1zOYH1J5GdgWzuUlonZBrKtOBZJrHgBgYVTFMwBaU8nWuPpuFCuqG-RMrnZPorosZcQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg_cATO6bBZRKomU29MuCEfFr7epu1zOYH1J5GdgWzuUlonZBrKtOBZJrHgBgYVTFMwBaU8nWuPpuFCuqG-RMrnZPorosZcQ
Request Chain 405
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEE-k0F6wqaSGoWnpGawnt5A&google_cver=1&google_push=AZmPxg-y8qE8UQ5OB-ErQ_asj9pZEDW_wkhhDzgr_ERTUlzdruHf-cZ9x4Pa0E1SvevZRQAJRFIlEtrhlJRs3b6YZctVcZu7RzO19Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-y8qE8UQ5OB-ErQ_asj9pZEDW_wkhhDzgr_ERTUlzdruHf-cZ9x4Pa0E1SvevZRQAJRFIlEtrhlJRs3b6YZctVcZu7RzO19Q
Request Chain 406
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECbbm1W8j-p2P1NOYN9YHAs&google_cver=1&google_push=AZmPxg958aafnKXgHlCA9CueCiXHQIcneD7tuKWtTc7Biy92H3SP-mS3n2eB65kGaJCg9Wjp_Ux_p0BQOM6MLU6yXKITSJ88bCIi3A HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg958aafnKXgHlCA9CueCiXHQIcneD7tuKWtTc7Biy92H3SP-mS3n2eB65kGaJCg9Wjp_Ux_p0BQOM6MLU6yXKITSJ88bCIi3A&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1663677453183 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-bee31c62-dc91-4d2c-8bfc-85facf3a2655-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg958aafnKXgHlCA9CueCiXHQIcneD7tuKWtTc7Biy92H3SP-mS3n2eB65kGaJCg9Wjp_Ux_p0BQOM6MLU6yXKITSJ88bCIi3A%26google_hm%3DA77jHGLckU0si_yF-s86JlU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg958aafnKXgHlCA9CueCiXHQIcneD7tuKWtTc7Biy92H3SP-mS3n2eB65kGaJCg9Wjp_Ux_p0BQOM6MLU6yXKITSJ88bCIi3A&google_hm=A77jHGLckU0si_yF-s86JlU
Request Chain 410
  • https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703MSTUDIOGMBHINV./B28425291.344491547;dc_trk_aid=536202816;dc_trk_cid=176757874;ord=3156740654191517810;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703MSTUDIOGMBHINV./B28425291.344491547;dc_pre=CKat-7yxo_oCFbiH_Qcdy1YJpw;dc_trk_aid=536202816;dc_trk_cid=176757874;ord=3156740654191517810;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 441
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=MlH5LXx3YXp4SW1mblB0VjArMGxXNU93K1cwc1ZENm5SaWRPcGQ2OHNUbG5xWFMrdlRJcjBNbUZlWXREZS8wbUJTMjdicG1YWHNFU05pSm9DajZJcDRFRkd4QThJTEtIVjJkSHBzS0NkL3RvM1dZZWRDWmVOWWhJdEgyVnN3WjB6dVcvNmFMRThJR1E0YWgxN2REM0M2QWxDbFlpQ3JJTk1PRE5jRXdQUmlSLzUzdlBmRWpKNDgyWFFlOTRuSWxCNXVSWmM0N2czWUVrSXEyOVcyRFlBWnQ2bFNBUmdDaVFnd1R3OVdDSnNIdm96UUVGckFhL0NYVnRrUC9FYlNhOSszczRpfA&cppv=2
Request Chain 465
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=TAWGdXw3VlV6aFNKR2NLcmNIUFVqQ2ZCOFVpc3YvQ2doaExjaCtBT0NGL2lEeGc1dkErWmZ5emZJakZUOXJLSjliaXFrSmlTYUdRT2Z2YXhzdXNxdVlDMlBOWDlGS2RLMlBsczBYR0htbGpiT0M4ZVhBR0xkUVpZdW9NNTBCYWhSZkdOOTFwSHNHVWVBLzNJQmxHZTUzbnF4R2NJSm1TbEJLaGM0bTdTMWZ1bUl2ZnJuWGJOZFBUNy96RVdxNDJsWHZzTGVJS05YVnBDdUtBR25aSTl4OVhLZFdLUkc5U3U1T0d5aUVZTXBNS3Fja0Y3aFVIZStWcWIzLy81WFV1T2dHemFQOGNqckZhUEg2Zm0zd3dIZ0RHY2J6Zz09fA&cppv=2
Request Chain 475
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZVEMiHcGRsWeiN3FcWS09g&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZVEMiHcGRsWeiN3FcWS09g
Request Chain 476
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNkxLV0wtRC1GVU5a
Request Chain 477
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nXIemm3f1UVlNls2MeDu3Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3540261731339379447
Request Chain 478
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8A6LKWL-D-FUNZ
Request Chain 479
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDFlMjM1Yzg2YTk5YmNhOThjNjVlMmY3MjRkNmVjNTg1ZWIxOWI2Yg
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOv7SiQ1r5-ToFBjQ7Vg8z8&google_cver=1
Request Chain 481
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3G1ddOPWS_-n41AaobHlEQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3G1ddOPWS_-n41AaobHlEQ
Request Chain 482
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED8gH_WgwnGnANy1GHDe0TU&google_cver=1
Request Chain 484
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB&dcc=t
Request Chain 486
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1972190678536387543
Request Chain 488
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_05572df8-b312-4b60-be7a-c02a955b1b5e&bsw_param=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5&expires=10 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5
Request Chain 489
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB
Request Chain 491
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
Request Chain 495
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 499
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=00b6bcd1-38e1-11ed-9e71-10b91cd50306 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/00b6bc83-38e1-11ed-9e71-10b91cd50306
Request Chain 500
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 503
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/e3db4219-e47b-4f79-9f2d-a21f1cf07a4e?gdpr_consent=null&gdpr=0
Request Chain 504
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-aQIFYANE2uF58HjM9z7vbSVQ_IJEp3gnOgwxl3U-~A&gdpr=0&gdpr_consent=

519 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/ 		689 KB
320 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
11bd1d76db71a96e3b794af8b0ae43127973db0474696b87cf3f0bacb43f9802

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2
cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 20 Sep 2022 12:37:25 GMT
etag
W/"ac5e6-D0FriT6Ce+/c07wFgMHlmS2j6zM"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-amz-cf-id
Xiy7YszVwQkydpG1Oku-4PzrY5d2PDTJjPGqBA8EfvXUF07HlkwlBA==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-cached
HIT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
919955e889d271f73387b4455d37667a6a730e800dcdbd1461412810bbc5a6c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27726
x-xss-protection
0
server
sffe
etag
"1339 / 358 of 1000 / last-modified: 1663672177"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 20 Sep 2022 12:37:27 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:cc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 11:19:29 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
age
4678
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
ujvudSVI3aOnT92pnBxwBBxMXjYp3TxjUJAKYKqLuGMpd58pW0GI2w==
expires
Tue, 20 Sep 2022 13:19:29 GMT
new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:44 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18583
etag
W/"473-18359aebb58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
L5meExrfkAhuYNoz5BYIaNtmZO2AVBrnJS4PdA2kxwZCR3xW1qyXJw==
x-cached
MISS
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:41 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18586
etag
W/"7ee-18359aebf40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
qKxs2uRaeOVGh7UmH8z4X7YL5_yAuWD8RKiJ47gQjsdhc9U_xxy3Tg==
x-cached
MISS
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"1d0-18359aebb58"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
464
x-cached
MISS
x-amz-cf-id
RpgrG83M-gZNwQE6VlFL2Kb9Oitv3AyZ1ta-Bei818mV59CRKkKPZg==
new-logo.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"492-18359aebb58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
EKiyCvFKClVnC8vom0HVOEJ5t59YzIhVBirF2DSysNFfhxRi0kfBeA==
x-cached
MISS
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"c00-18359aebf40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
8F3kQQ8Dc1YSaORPGwg_aMiXomZ2A3UzurYxW7hmXe_J2yIgwBoGzA==
x-cached
MISS
yad2.png
www.walla.co.il/public/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/yad2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"488-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
1160
x-cached
MISS
x-amz-cf-id
gxRTQssYaSLosFMA5kFbG95P2J5RujiNCHGRf2poxxhNQ_lXqvc3VQ==
3437389-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/3437389-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
472405e56a883bd892e0e2cf73f787d5ac7b8f5bea82679f6d9db83b67a5a873

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:04:02 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
2005
edge-cache-tag
354983491309042744043011601168451177645,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
cache-tag
354983491309042744043011601168451177645,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
33108
x-request-id
d8a9dc9ac09b5104ec60c3f00e79b98d
x-served-by
cache-iad-kjyo7100165-IAD
last-modified
Tue, 20 Sep 2022 12:04:03 GMT
server
cloudinary
x-timer
S1663675441.376729,VS0,VE1272
etag
"293e97da9fb3727ca3a051ff32ffddb4"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
RQ_upn28gyohVCmTIfOjWtuYtt-hUwlELYPRdxr9ftMXHC4dqs_FcA==
x-cache-hits
0
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"834-18359aebb58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
1BAkrPQ5_QFJUuKI-cPiYJBeSJofBJ_rE44tU6-MYA8fxRyFKUfuYQ==
x-cached
MISS
103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		895 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"37f-18359aebb58"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
895
x-cached
MISS
x-amz-cf-id
JDvWvt5-Km4s8u_auh5RP86l8zoNPh0urF7i56MYqhIiqxknZ9jSxg==
99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"3a5-18359aebb58"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
933
x-cached
MISS
x-amz-cf-id
YbEdOcvX7G32yC9gWjcIv2VCUZgcrd1KHitKI2aHOe2kePl4MH5iYw==
3434244-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/3/4/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/3/4/3434244-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
22e87bfe88b71349a9d80f50778376e01fa8a2062464c7c48f21c503c166926d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:20:31 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
454616
edge-cache-tag
144317404047534465122736487520654077806,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
cache-tag
144317404047534465122736487520654077806,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
31076
x-request-id
22dc9f8810969ecc1a2c844fd4dc0ea6
x-served-by
cache-iad-kjyo7100032-IAD
last-modified
Thu, 15 Sep 2022 06:20:32 GMT
server
cloudinary
x-timer
S1663222830.778076,VS0,VE1250
etag
"3611da0d3f1ac09dee4bd37a0c12194b"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
_IAVvkEiafMXszy9teviAVjRCnGubjXWHtuRhKD5yMAldYy60AG_Aw==
x-cache-hits
0
3278031-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/7/8/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/7/8/3278031-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
102ffb4dd24255e7ecb5770c868012b9897d59a9e91b6db5193dfbc6c913ab10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 06:47:16 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
21011
edge-cache-tag
211292865708666468070192749255502048778,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
211292865708666468070192749255502048778,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
3079
x-request-id
9dcdc3c8dd777359bfa70196b01899ab
x-served-by
cache-iad-kjyo7100156-IAD
last-modified
Tue, 20 Sep 2022 06:47:17 GMT
server
cloudinary
x-timer
S1663656434.163188,VS0,VE2611
etag
"796d354ea5ba2fdf9093c68cea540032"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
i8sObjfdIHr139T-UEcb2q_lkz6BQYnnj5RIKaRMZdRp6hjZ3IATvw==
x-cache-hits
0
3341171-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/4/1/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/4/1/3341171-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
d77d27666cbecfe4cd9149a720ac6abe85c7cae793ae3c90fbfbb608df84d54d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 06:48:20 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
20947
edge-cache-tag
427256996032750856864594949422871261604,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
427256996032750856864594949422871261604,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4386
x-request-id
783865d3ebad0f02bff634e75595f089
x-served-by
cache-iad-kiad7000114-IAD
last-modified
Tue, 20 Sep 2022 06:48:21 GMT
server
cloudinary
x-timer
S1663656500.088393,VS0,VE734
etag
"e058d4498910311c89f1e7317465267b"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
mS8OOSmdejjEs1TwNjol_b9PICL-uQJrEJoaaV_9i7pp3Lc1evSVLA==
x-cache-hits
0
3409567-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/0/9/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/0/9/3409567-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
fd79a7c6c40b906bce55c55e98b67210c359e46d6058bff6b94a5afcf5b2b1ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 07:51:30 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
5546757
edge-cache-tag
162828009415301591308200810933405595421,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
cache-tag
162828009415301591308200810933405595421,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4870
x-request-id
04d5bd399835b9564ef6d594dd4f518f
x-served-by
cache-iad-kjyo7100131-IAD
last-modified
Thu, 14 Jul 2022 12:02:34 GMT
server
cloudinary
x-timer
S1658130690.061156,VS0,VE2
etag
"ceeca98c02f73818ca1d76fc8a586d43"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
bV2SBXUq42o3PJhV97RCuIpZehLMe6LbsubmB2QHfNaBzuajJrD1FA==
x-cache-hits
1
3425986-46.jpg
images.wcdn.co.il//3/4/2/5/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il//3/4/2/5/3425986-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
e90afefe008174901648b6984e3849d61ab51fcd2f9c260cb182f1b9eded2b4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 13:08:35 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
1985332
edge-cache-tag
354062088052095449999837282067072178970,d2bce9e04f88d43dd8350e859c701704
cache-tag
354062088052095449999837282067072178970,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
35924
x-served-by
cache-lga21964-LGA
last-modified
Thu, 25 Aug 2022 07:06:31 GMT
server
cloudinary
x-timer
S1661692115.029574,VS0,VE1
etag
"e8ad9a497fd64fdf8908a78fca482108"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
eBVMs7wabAeHhoOFHBgzb_HIhbZpzEBSpsusReGaxNWzYd9ygTnBUw==
x-cache-hits
1
liga-banner-desktop.png
www.walla.co.il/public/assets/sport/ 		294 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/sport/liga-banner-desktop.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8674c690e379aa2d7f8f84624402dc41902336d4c7044a931e34e247839463a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"499a6-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
301478
x-cached
MISS
x-amz-cf-id
1wivsC3BQW3-32k_PQKl5bcS1lHznnA-xchCrLLOspRZmRFlzFEGcw==
mishpati.png
www.walla.co.il/public/assets/icons/homepage/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage/mishpati.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"f8c-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
3980
x-cached
MISS
x-amz-cf-id
gHSUlmo-YgRC3u2ozCGdpklDVbWzSfYodVb2KyHxslICH0F9F7F17A==
3329203-46.png
img.wcdn.co.il/f_auto,w_66/3/3/2/9/ 		732 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.wcdn.co.il/f_auto,w_66/3/3/2/9/3329203-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-43.fra56.r.cloudfront.net
Software
cloudinary /
Resource Hash
de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 12:53:07 GMT
via
1.1 varnish, 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
age
3282260
edge-cache-tag
315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
cache-tag
315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
732
x-served-by
cache-iad-kiad7000151-IAD
last-modified
Mon, 03 Jan 2022 09:47:54 GMT
server
cloudinary
x-timer
S1660395188.815666,VS0,VE1
etag
"79624ac971cffa490d9827a952393183"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
kHku3wrbuWzLQ6w9dJYZ4VslcISfTC3P1e18wz5m2Ofcm0EZ8NKX6Q==
x-cache-hits
1
career.jpg
www.walla.co.il/public/assets/icons/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage/career.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"be7-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
3047
x-cached
MISS
x-amz-cf-id
fE7wgdrCWIpoo_Fboq5mVJk6x5joMO9ypcYb6A-W47SIfP_wycvwQg==
mazaltov-logo-new.png
www.walla.co.il/public/assets/icons/homepage/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage/mazaltov-logo-new.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"9ce-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
2510
x-cached
MISS
x-amz-cf-id
Qxg2lVY4ylLWf7eJ53yuBueAxo_GVJqCvGjNabTsp_zmPzUfSQLazQ==
new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 		636 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"27c-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
636
x-cached
MISS
x-amz-cf-id
EDPEIuEQuCI9bmeCJlVI0X5SuS4sMSl8WCdwQg0OCcBRc_mHRcsjkg==
148_248b4149632420b886ad_248b4149632420b886ad_walla.js
www.walla.co.il/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/148_248b4149632420b886ad_248b4149632420b886ad_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:58:27 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"2b34-18359b0de38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
5PLjVDUsbF7LdrcsgVVNXzIKVQ2hwEU6Ka-cn2zhwRBaIMUntLkzWw==
x-cached
MISS
666_344b9d6cd4dc223b3fd7_344b9d6cd4dc223b3fd7_walla.js
www.walla.co.il/public/ 		307 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/666_344b9d6cd4dc223b3fd7_344b9d6cd4dc223b3fd7_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
df9948d64acb00c120474d93397e7ef48d77429e60cfbb602a5440fccfd2cc6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:41 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:58:27 GMT
server
openresty/1.15.8.1
age
18586
etag
W/"4cdba-18359b0de38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
vSHtQKT_BkQPffUfGJYAIIMqfKsNSYZDjDAWw1e8qnW1wmX7jb6oyw==
x-cached
MISS
main_e959bb8b9b5abfde44a9_e959bb8b9b5abfde44a9_walla.js
www.walla.co.il/public/ 		1 MB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_e959bb8b9b5abfde44a9_e959bb8b9b5abfde44a9_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
670e28e9bbd70620a1efb786fc54bd788f1d9e1a995002c535c87d78c1bb4bd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:41 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:58:27 GMT
server
openresty/1.15.8.1
age
18586
etag
W/"11ba67-18359b0de38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
VYQ33bt_7Xx9stFMmYyxZWfR_nKwb1YwpJFn_q5wMuTsBKx3X5mMCQ==
x-cached
MISS
homepage_f77159f238301080b416_f77159f238301080b416_walla.js
www.walla.co.il/public/ 		253 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_f77159f238301080b416_f77159f238301080b416_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
0683bcc8a763a2b2df502ed324958373a6aca0c9a9cf9b7c97e3bd389584bc4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:42 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:58:27 GMT
server
openresty/1.15.8.1
age
18585
etag
W/"3f222-18359b0de38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
FwqEFDVMaBSzNPvmCDto3hGnmWsGp-slQq8UwoqxHrccWIOlTz5Odw==
x-cached
MISS
pubads_impl_2022091401.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 20 Sep 2022 12:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 08:37:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 12:10:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		937 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0798350303688edd86233b3c7e1285fb27786cc3626ea2b6464ce94c0313bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 12:37:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
x-xss-protection
0
expires
Tue, 20 Sep 2022 12:37:27 GMT
walla-v2-prod.js
cdn.valuad.cloud/hb/ 		893 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
ac1fdaf62e867419d7354517d0c520e7dbb1039c7e01af281193217e79ee6dbe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:28 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 12:15:08 GMT
x-amz-request-id
tx000000000000017eba6d8-006329af32-2b9df863-fra1a
etag
"d0d143d47db18c6d5dd1cdbb5c80bf9f"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1663677448.dop211.fr8.t,1663677448.cds272.fr8.hn,1663677448.cds261.fr8.c
content-type
application/javascript
cache-control
public, max-age=86400
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
content-length
246975
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 20 Sep 2022 12:37:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
851
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29220
x-tw-cdn
VZ
Last-Modified
Wed, 31 Aug 2022 20:41:50 GMT
Server
ECS (frb/67C0)
Etag
"f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
gtm.js
www.googletagmanager.com/ 		384 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a521ba5eba3a8f11b3a4d0640931be57ec5c53a3c9218015ebc6c9d3d45134a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77821
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Sep 2022 12:37:27 GMT
gtm.js
www.googletagmanager.com/ 		429 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bd6ccbccc24d8f396e2372e1ab7752426f07b666b866e905971a488c755bed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63205
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Sep 2022 12:37:27 GMT
wallawb.js
cf.dxmcdn.com/dta/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/wallawb.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:400:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 09:58:22 GMT
content-encoding
gzip
last-modified
Sun, 29 May 2022 13:46:35 GMT
server
AmazonS3
age
9546
etag
W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
x-amz-version-id
qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
via
1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
content-type
application/javascript
x-amz-cf-id
ADGL2Hw4CqPO-dxWhGl5XP1rW_NXxQmSoPDlZlPdi2H6wgJA2SkKbQ==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:cc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:36:18 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
age
69
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
7kHpjF7qGKSWskul-iQy9pjjFheTLypCiELkuRw8EPoOVSqhEbGs6g==
expires
Tue, 20 Sep 2022 14:36:18 GMT
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"5b6-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
1462
x-cached
MISS
x-amz-cf-id
3nChKICOmSy51js8ZhOkjdvTpqGNR3SD98PIzLH9TNI7irzQIOosGw==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"2e7-18359aebb58"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
743
x-cached
MISS
x-amz-cf-id
KNgCIn7XI9lSWa-O3ryHgQwNNR2ky0EFackFSjYizNwBVi8ngvyYNA==
icon-liga.svg
www.walla.co.il/public/assets/icons/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-liga.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
748c85ee7f2c3a5842e80fd14986b4354b89dd8f121d2aa0f2f1efc0d5ed8807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"1a07-18359aebf40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
sJzQhimQk4AmxQgT_gtBYPpCWWMxnSoWeGScSy3CpKGQrJXnH4_VCA==
x-cached
MISS
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"85c-18359aebf40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
NCyWd5sbdAL3JV1Pbvz8k4tVgQrTp712ApTolSzweVhshGeJgB_K1A==
x-cached
MISS
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"5f6-18359aebb58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
G2ON5uuqe012LXY2Uds1MWQzKUP8pkKSPZHbgHGidF-KChdhvMu-pA==
x-cached
MISS
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"e954-18359aebb58"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
O99fGpRqiZkhKW1AzeLYDJYKFaY1CenagxoLDQGnYN8CiKjmzWaspw==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0abd34e65ff29023ec1ead23ee5781cc38cea32b316322be5cc4cad2a067bc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:27 GMT
content-encoding
gzip
x-cache-hits
1
age
3
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1521
x-served-by
cache-fra19180-FRA
access-control-allow-origin
*
x-timer
S1663677448.596240,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 18 Sep 2022 12:37:24 GMT
outbrain.js
widgets.outbrain.com/ 		211 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a23ea9d651f52cbe2a0c7dd74c4d918d49d5843aa9d0240d2e03fecc72174e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:27 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 09:36:09 GMT
etag
"15-81uUg9Ncx+58pBQAbf4hi+q7o7M"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
922882b799c6f0b0a63eba91024b9460
timing-allow-origin
*, *
content-length
74238
arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 		475 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"1db-18359aebb58"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
475
x-cached
MISS
x-amz-cf-id
0xZN8ibQMKRGBWXNxE5PdcVf2TYk1X1p5mWc_tacOpVd5Tg8z44wVQ==
walla-sprite.svg
www.walla.co.il/public/assets/icons/ 		19 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"4a05-18359aebf40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
zvGn-EIqReF9EIt4MlRM8y2gb5naq19PLdYl655LdJLcalqEawx3VA==
x-cached
MISS
play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"199-18359aebb58"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
409
x-cached
MISS
x-amz-cf-id
LiUnQVj8BXo7NPISYq84XvBPrXWHSPp-qi4W1eh6v63gxhyjiWISuA==
play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 		409 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"199-18359aebb58"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
409
x-cached
MISS
x-amz-cf-id
_FVY1rXBkleGi_EHr4z_InLr_2_hRqhJ5tcf2yK9Y7EuDfJlaEMPXw==
icons-play-live.svg
www.walla.co.il/public/assets/icons/ 		298 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icons-play-live.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18584
etag
W/"12a-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
298
x-cached
MISS
x-amz-cf-id
1XFqt6wX5IepHAIoI_O4mTzbyiUeHBLj_jfiZbewCnOXiAdPQdiQSQ==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:44 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18583
etag
W/"3bdc-18359aebb58"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
hd6eGy1D0D9VbgOs1j-KjkOyLr9dZR_1V5ZLSwNOgjSIDC9NZtLcAw==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:44 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18583
etag
W/"e7c0-18359aebb58"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
59328
x-cached
HIT
x-amz-cf-id
oBXmj78KngWkl1exca_OQRZTMZLMx-Ei3juEmY47XyFmYeixS0l7xg==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:44 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:07 GMT
server
openresty/1.15.8.1
age
18583
etag
W/"ea00-18359aebb58"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
tqwYL9zB3vkEAvbEB8B4Psts_KDCmp5Hv7oEfZLLfCrZPw5ixsyw6w==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=DIL34s7X1iADebDwd&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10485&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=696&t=2Ri6sbkTD0DyKjhfBXj40ODIpRhA&V=136&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=C_MB7_CR8FOe-zrxgBFJbT7DVanFY&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.24.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-24-134.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DIL34s7X1iADebDwd&c=0&V=136&x=AXtQ55rDYrGPo&v=A&ml=m&sl=CL1J3W&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.188.56 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-188-56.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DIL34s7X1iADebDwd&c=0&V=136&x=LLQeeMir5hAvx&v=A&ml=m&sl=1RGnl&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.188.56 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-188-56.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DIL34s7X1iADebDwd&c=0&V=136&x=mPLOX73kU4pdL&v=A&ml=m&sl=CY__aT&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.188.56 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-188-56.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DIL34s7X1iADebDwd&c=0&V=136&x=jPkWvXiYtOHHt&v=A&ml=m&sl=DjYYWx,DjYYWx&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.188.56 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-188-56.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DIL34s7X1iADebDwd&c=0&V=136&x=tgOeLXTjCG8t8&v=A&ml=m&sl=B4Upqb&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.188.56 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-188-56.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DIL34s7X1iADebDwd&c=0&V=136&x=qIdzThIgH1dgx&v=B&ml=m&sl=zYxJZ,D-dRbG&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.188.56 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-188-56.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DIL34s7X1iADebDwd&c=0&V=136&me=3&ml=m&x=uKIvQSoxzLVih
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.188.56 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-188-56.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
widget_iframe.c4bdc17e77719578b594d5555bee90db.html
platform.twitter.com/widgets/ Frame 8052 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1698849
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Sep 2022 12:37:27 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 31 Aug 2022 20:40:57 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D3)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-09-20
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:1c00:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7366672c7309113ce12beb12478774bc7ed93bc3f066f38bb3bf5c57485e47f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
fJ6OxwQ2i6ClHgUlktD21ZZFhrK13sEw
content-encoding
gzip
last-modified
Sun, 04 Sep 2022 17:48:46 GMT
server
AmazonS3
age
24009
etag
W/"3891a35af9cd00643f2e83d64997acba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
date
Tue, 20 Sep 2022 05:57:25 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
rg3DR0zXvEbw3xxin0mRNmo1D72iBnXlviczxCkILhKLq-9LisEIhA==
391_74a7ea0bea4fcf8c460e_74a7ea0bea4fcf8c460e_walla.js
www.walla.co.il/public/ 		121 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/391_74a7ea0bea4fcf8c460e_74a7ea0bea4fcf8c460e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e959bb8b9b5abfde44a9_e959bb8b9b5abfde44a9_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
86fed0f87402ce0fde9cdd3a0023fd4df2f277f5849744e61d4784e6470e02bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:58:27 GMT
server
openresty/1.15.8.1
age
18586
etag
W/"1e51a-18359b0de38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
dy4v6_aFhZsxEHbPj4UUxJq-hpH2fBOQ_gkMF4SpG5U89eyLbShPHw==
x-cached
MISS
PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e959bb8b9b5abfde44a9_e959bb8b9b5abfde44a9_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
32e55f966e5d42979013d87e8a4de77fd04e331af39070fd2f21404a04aae61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:58:27 GMT
server
openresty/1.15.8.1
age
18586
etag
W/"cfc-18359b0de38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
noq04vxB-x6n9jSS-AuYFcAJhOlkPnZyo-txQ_SIv0avWZaSjN0NaA==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/666_344b9d6cd4dc223b3fd7_344b9d6cd4dc223b3fd7_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
919955e889d271f73387b4455d37667a6a730e800dcdbd1461412810bbc5a6c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27726
x-xss-protection
0
server
sffe
etag
"1339 / 521 of 1000 / last-modified: 1663672177"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 20 Sep 2022 12:37:29 GMT
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18586
etag
W/"46c-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
Ht0GKhipGRJBW501UKDAMG2Nif-fXdTQ-IVmcStaQGF0qRmSea7zvw==
3421426-46.png
images.wcdn.co.il//3/4/2/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il//3/4/2/1/3421426-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 10:30:43 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
3204406
edge-cache-tag
145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
cache-tag
145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5667
x-served-by
cache-iad-kiad7000166-IAD
last-modified
Sun, 14 Aug 2022 10:29:39 GMT
server
cloudinary
x-timer
S1660473043.259951,VS0,VE1
etag
"a299b27a337fe5f8cd65385dbd30d509"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
OOQU-pAXOCgS7l0q23UCDDFScmEw63COc8WzGMpAioCTvWi-NGohzA==
x-cache-hits
1
2386336-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/3/8/6/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/3/8/6/2386336-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
3e8b7be6748b3f6657e82e3025683d8bb0ab86bcac660150643a294f73d0bc23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:43:39 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
17630
edge-cache-tag
211354170110482036562488546519277481292,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
211354170110482036562488546519277481292,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
12898
x-request-id
218fedc2521407006bc7d62f6a5809d3
x-served-by
cache-iad-kjyo7100118-IAD
last-modified
Tue, 20 Sep 2022 07:43:40 GMT
server
cloudinary
x-timer
S1663659817.557787,VS0,VE3074
etag
"228f2c6ce10a24ad2c1c3fd1895c011a"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
E-lHoGVpliL6yXh6y_BvH_--vyDt7AwajS9a8fioqgcJmypxoUnDqQ==
x-cache-hits
0
3421425-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/2/1/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/2/1/3421425-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
61828e0616891940f8bd0401376eef9601c939cc6f920bdc37513a2cd6933bd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:52:15 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
2832315
edge-cache-tag
276071925003106772939387096411129650972,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
cache-tag
276071925003106772939387096411129650972,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
7702
x-request-id
9b1d135e642e3fcf58a7f48cce472c46
x-served-by
cache-iad-kiad7000136-IAD
last-modified
Thu, 18 Aug 2022 17:52:16 GMT
server
cloudinary
x-timer
S1660845135.971568,VS0,VE814
etag
"d8d085ea1f63594e8cb3e814e53fddf3"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
TQH5kcsFIVihTP4fD_Nh6u7p4auraayMaPGfUex78ScHO3x56_ehJA==
x-cache-hits
0
3430614-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/0/3430614-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
49516ce0a6df0c6d94424868d40f729c1396a81afc19ede501bb4ba6781d6452

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 05:31:00 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
25589
edge-cache-tag
366992835362636826284632085677324011134,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
366992835362636826284632085677324011134,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
6835
x-request-id
01b949979074b98e84088b389358fa12
x-served-by
cache-iad-kjyo7100092-IAD
last-modified
Tue, 20 Sep 2022 05:31:01 GMT
server
cloudinary
x-timer
S1663651858.965337,VS0,VE2782
etag
"c78c1351c71b51f75c17ac7efba98576"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
q1knsq-TqavZh3M-L0otMJmX-amXGWReTAIRizJBhiwlfDCBM9L9-A==
x-cache-hits
0
3437274-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/7/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/7/3437274-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
196b7e399508118601fbd94f863e1987106c05b7862d6e327598e7ca368d1887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:18:44 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
8325
edge-cache-tag
268539599408986745863458767934328395062,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
268539599408986745863458767934328395062,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
8864
x-request-id
017311e000ef87cfe3de03babf7cf5f4
x-served-by
cache-lga21928-LGA
last-modified
Tue, 20 Sep 2022 10:18:45 GMT
server
cloudinary
x-timer
S1663669123.263008,VS0,VE1200
etag
"9a8f77b1baa7b590a81130d3f76f79db"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
q8SlcEqF_AFhPm0sp9oOxfUkJJQTB9LqFR9t2W8ySqBVznfg9-xZpw==
x-cache-hits
0
3178764-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/8/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/8/3178764-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
4254d6ebdad02b88a8691e71b6b58b19944bce76b249707f8d45e610d7b55f0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 07:00:08 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
17127441
edge-cache-tag
368907602085661858931500534282242613018,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
368907602085661858931500534282242613018,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
1683
x-served-by
cache-bwi5037-BWI
last-modified
Tue, 28 Dec 2021 13:39:26 GMT
server
cloudinary
x-timer
S1646550009.631172,VS0,VE1
etag
"7cb7520d0554e205a55ef52971b6f150"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
fLowpsqoLB7jdLxXbhk5YnCovd5lt6R2OEoUlm8bgyJS7DhNnIaD-A==
x-cache-hits
1
3257720-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/3257720-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
876338a1211c7ddf69cfc5e548d0a1ed20b6b457f2db3a0383da314e9b8ab5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 09:31:55 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
18327933
edge-cache-tag
392352988921626568262436971655980406484,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
392352988921626568262436971655980406484,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
2600
x-served-by
cache-wdc5578-WDC
last-modified
Tue, 28 Dec 2021 13:39:27 GMT
server
cloudinary
x-timer
S1645349516.959199,VS0,VE1
etag
"f5f7b4337f4b74360d3260dee35fb331"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
X7gW1FKSiAXQU5wWSGc-A6imGLrzyKwvDqjGaJB-eEKkD8FqwhTGaA==
x-cache-hits
1
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
34
date
Tue, 20 Sep 2022 12:36:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 20 Sep 2022 14:36:55 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
d7abb302c9c1e55633395bf3b82b4bed7d63804223437d9879fff049895ec72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17403
x-xss-protection
0
server
cafe
etag
17680024240845530123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 12:37:29 GMT
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
RjE2uNVrR/8ihatvJYhsBnK8HRaRvfDufrYnz/VCLB1jEl45yyjDE1DtgFKwDo5RAtVAh9HZ/WsBKwBSIT1tYA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 20 Sep 2022 12:37:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
3437409-46.mp4
images.wcdn.co.il/q_auto,w_300,t_54/3/4/3/7/ 		225 KB
226 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.wcdn.co.il/q_auto,w_300,t_54/3/4/3/7/3437409-46.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
6c92be27fa2e43f9c89b59fc60258b0aa3eca1170f36d36a5b4455d3e03339d6

Request headers

Referer
https://www.walla.co.il/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 20 Sep 2022 12:24:33 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
776
edge-cache-tag
131034316585449370630405512422222870322,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
cache-tag
131034316585449370630405512422222870322,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
status
206 Partial Content
x-cache
Hit from cloudfront
Content-Length
230703
x-request-id
91091a9dc2ce2752e388ffef70083081
x-ua-compatible
IE=Edge,chrome=1
Content-Range
bytes 0-230702/230703
last-modified
Tue, 20 Sep 2022 12:24:34 GMT
server
cloudinary
x-timer
S1663676672.959519,VS0,VE1917
etag
"72cf4aaf29159fccf51212f8f81dbc8c"
x-served-by
cache-iad-kjyo7100174-IAD
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
I7iM7O5vCPcJqQJSGxNiawPhchud6zfgKOTR1F6Gfnm5fkQT1v9EKw==
x-cache-hits
1
d3d3LndhbGxhLmNvLmls
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LndhbGxhLmNvLmls
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 20 Sep 2022 12:37:29 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=34581
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
ee7181de62fa860610231a6de59d9131
Content-Length
15
Expires
Tue, 20 Sep 2022 22:13:50 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:29 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Thu, 20 Oct 2022 12:37:29 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 20 Sep 2022 12:37:30 GMT
server
Google Frontend
x-cloud-trace-context
1b06b5039b476b23df71ddef7c3ca550
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Accept
application/json
Referer
https://www.walla.co.il/
x-request-id
1f2fa92b-ae42-4555-a22a-53fd60b44cdc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-vad-version
0.9.8
Content-Type
application/json

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
9865ee948abcd24d071ef58060a3b4e4
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
settings
syndication.twitter.com/ Frame 8052 		771 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=5d9190ef0595e6c2804042a641f7d3bdd9a9d6b0
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
113
date
Tue, 20 Sep 2022 12:37:29 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 12:37:29 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
c93119d7c2e45e67471f0115ad6e299bd726ce95bee701d1f0906f1af5e78db2
content-length
327
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9800:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:31:04 GMT
content-encoding
gzip
server
Caddy
age
3579
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA56-P4
content-length
18460
x-amz-cf-id
95c3hIi-y7RJ7_sTD4hNxmjbXoGAcRKYhKwOs-qg4tgLtrItl451KQ==
expires
Tue, 20 Sep 2022 23:37:50 GMT
map-id
ledger.crowdad.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=65efd454-16e0-4346-8acd-2851214758e0&adnxsUserId=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D65efd454-16e0-4346-8acd-2851214758e0%26adnxsUserId%3D%24UID
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=65efd454-16e0-4346-8acd-2851214758e0&adnxsUserId=1972190678536387543
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=65efd454-16e0-4346-8acd-2851214758e0&adnxsUserId=1972190678536387543
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
34.251.36.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-36-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:30 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ddeb0d60-c7cf-4fa3-a437-fce70b730499
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=65efd454-16e0-4346-8acd-2851214758e0&adnxsUserId=1972190678536387543
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-20.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:27:43 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 06:56:08 GMT
server
openresty/1.15.8.1
age
18586
etag
W/"558e-18359aebf40"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
8IyUT615F-PRIYJM8a2QXWdLGnYJqibfRLXPRWMq6bN0rkNQEgR6SQ==
handshakes
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.99.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-99-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Tue, 20 Sep 2022 12:37:30 GMT
handshakes
khn.crowdad.io/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.99.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-99-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Tue, 20 Sep 2022 12:37:30 GMT
access-control-allow-credentials
true
content-length
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=352577200&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2083398143&gjid=918053823&cid=718903951.1663677450&tid=UA-4780630-1&_gid=1742017691.1663677450&_r=1&gtm=2wg9j0T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&z=43904807
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e454cb9c6eb2a780b258ab3daab5ce0db5c57028b3a0469d8c1b30ea9fdc0bd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86254
x-xss-protection
0
pragma
public
x-fb-debug
MN8kWI2GvsoQyoPibx0cLdkJCv2Cf2dSg9XfgA0IOon+A+cw2ESdLiMT1n+KeZuquN00ZSAMRrE40wlzNNMrJQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 20 Sep 2022 12:37:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1663677450236&cv=9&fst=1663677450236&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3cb23a5ee8f3c89f8feb92e12a40014f93b7c5a3e6a1c6e0f4491425e56a72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1068
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4780630-1&cid=718903951.1663677450&jid=2083398143&gjid=918053823&_gid=1742017691.1663677450&_u=YEBAAEAAAAAAAC~&z=964940518
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 20 Sep 2022 12:37:30 GMT
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_pla
flint.defybrick.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.walla.co.il%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=24190211267051822666126286612598041999382029261388221150672104215556&nc=0&tsf=0&tsfmi=&pv=0&cb=1663677450395&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2539197322&at=&bid=e30%3D&di=W1siZWYiLDMxMl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsMlwiLFwidlwiOlwiaW50ZWwgaW5jLlwi%0D%0ALFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wg%0D%0AZXMgMy4wMCAob3BlbmdsIGVzIGdsc2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2Vi%0D%0AZ2wgMi4wIChvcGVuZ2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJi%0D%0AZW5cIjoxNyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNTE2%0D%0AOTQwODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjgsZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhK%0D%0ATDg2TDIzQUNHVWhCSXdJU1NFRUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4%0D%0ANzB1eHFGeCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCIsXCJkZXNjcmlwdGlvblwiLFwib2c6%0D%0AZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixc%0D%0AIm9nOnRpdGxlXCIsXCJkZXNjcmlwdGlvblwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6%0D%0AdGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0i%0D%0AXSxbLTE0LCJ7XCJvXCI6MC4wMDg2MzcyMzYwODQ0NTI5NzV9Il0sWy0xNSwiLSJdLFstMTYsIjAi%0D%0AXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQs%0D%0AXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCIt%0D%0AXCIsXCItXCJdIl0sWy0yMCwiNzE4OTAzOTUxLjE2NjM2Nzc0NTAiXSxbLTIxLCJQWEtFbFQxViJd%0D%0ALFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0y%0D%0ANiwie1widGpoc1wiOjQ3NDAwMDAwLFwidWpoc1wiOjI3NjAwMDAwLFwiamhzbFwiOjM3NjAwMDAw%0D%0AMDB9Il0sWy0yNywiWzAsOS45LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5%0D%0ALCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFstMzAs%0D%0AIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0s%0D%0AWy0zNSwiWzE2NjM2Nzc0NTAzNjQsMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcs%0D%0AIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMCwwLDEsMCwxNSwxOCw0Miw1NzIsMCwzNDEu%0D%0AOCwzNDEuOCwzMTk1LDMxOTYiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0%0D%0Ac2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQw%0D%0ALCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAw%0D%0AMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJF%0D%0AdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJi%0D%0AbmNoIiwxMTZdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=Xtjby5II23&sdd=%7B%7D&pto=3226
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
678d39883e4ec75821b21ad27000ebc8c4acd611f17e69612497c16cfc1b4ab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
content-length
1438
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=718903951.1663677450&jid=2083398143&_u=YEBAAEAAAAAAAC~&z=1607646113
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=718903951.1663677450&jid=2083398143&_u=YEBAAEAAAAAAAC~&z=1607646113
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1663677450445&sessionId=6e291d43-dc3c-aa19-f736-6fb1192f6e72&url=www.walla.co.il&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:30 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
e6196fcc294e678dc83bd2a088303809
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=82801&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&clid=6e291d43-dc3c-aa19-f736-6fb1192f6e72&fdu=www.walla.co.il&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000897&sig=PXKElT1V&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.190.132 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b3883caf456072334d9b81d17a1ff95a936f453c42a8a9352d33e2c7880da8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, MUC, Europe1
x-timer
S1663677451.506683,VS0,VE120
accept-ranges
bytes
x-served-by
cache-lga21963-LGA, cache-muc13983-MUC
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
1b1e4d38d93cd6cceb92abb076c4b896
content-encoding
gzip
content-length
1211
expires
Thu, 01 Jan 1970 00:00:00 GMT
170717926997655
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e188bac2633600ce8bafab06429651ecc0cab83851fc6f844f016580c7c6f4c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
LERoraSpRY6PY7go3sxJpziNd5emmCIgXOUAtdMiBaRDhJ04W/LcQ7IUDt5oMSGAHQJ7XFutjavkJadauqT/0Q==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 20 Sep 2022 12:37:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1663677450466&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.2.1663677450464.1827618045&it=1663677450232&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 20 Sep 2022 12:37:30 GMT
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1663677450236&cv=9&fst=1663675200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=1048346902&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1663677450236&cv=9&fst=1663675200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=1048346902&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=42bc8db0d49fa2c60392dd3f9a5ebb4c_1769_1663677450575&tm=869&eT=6&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
X-TraceId
d05dd8770ef7d88674e9fc1983374095
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=65764&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=NDJiYzhkYjBkNDlmYTJjNjAzOTJkZDNmOWE1ZWJiNGM=&adblck=false&abwl=false&clss=SERVER84sWuTzJcvtenVaUbhMwNxGf2vxZoA1bQoQMXB%252FDeOnk1pg3eVblVRwXCq5YXXR7RG8rZkWXRa&px=209&py=889&vpd=0&cw=282&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000897&sig=PXKElT1V&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.190.132 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
13396f6fa35de21e2addaff1cd2d0eeff08f65f461406f3f8312171397cd4f6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, MUC, Europe1
x-timer
S1663677451.649113,VS0,VE183
accept-ranges
bytes
x-served-by
cache-lga21954-LGA, cache-muc13983-MUC
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
b618c0a1b2fc7df31f18f94314fc301d
content-encoding
gzip
content-length
3892
expires
Thu, 01 Jan 1970 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1663677450806&sessionId=6e291d43-dc3c-aa19-f736-6fb1192f6e72&url=www.walla.co.il&cheqSource=1&cheqEvent=2&responseTime=888
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:30 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
91058f0f92961d1a9c55e71d9cc7ec93
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136cedc132ed438f9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714493d6516dfd78ade6d5e3471ebd498bbd39e821db61c45085052aae2d05f91e46042dcb5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1d08f77f6aa999117aefdafe64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0eda6dabcb61b23fe7dbeedab7a5561b58164c2b547b64d1200d65c5c87d6d2c881b2c527df21d6deedc85ec54d5814aa5f0ddbc3ca1972d1e824fa51e3974c9020f47c121153cd63eb5ddbc4a929e3d03cc74ca7c19ccc7780191c2de84b011f6b4a70c9af2fb54898c78969e5d025fb976c82d1a7be6d88b3f6526a3ed0b81004cbb949023ba5a2ad67a63d86e95ee9fc2db175bc32905bc809d1a83ddb0721e4aa8e7b3c39641f37085a17b6fc8a6cd06fab571d5123eac03acd840a5eecb2dea6ae2993ffeef89aeaeca4090969b934d9f3072ada1d3209dd271f3439ea69ec360bc8eb8c&cb=1663677450806&cri=Xtjby5II23
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
43
content-type
image/gif
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=111753
accept-ranges
bytes
content-type
text/javascript
content-length
82748
expires
Wed, 21 Sep 2022 19:40:03 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
74da9ce3cfbe6916-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220920
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43c662869b90b291f0a722aefbcc83aebaab24595d93a845fe60a41b8a6d74e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
34588
x-jsd-version
1.0.1468
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
799
etag
W/"66f-3DWdCVBoIAdEbBm/UcRcrYPeVUo"
x-served-by
cache-fra19126-FRA
x-jsd-version-type
version
date
Tue, 20 Sep 2022 12:37:30 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
938163
x-amz-request-id
txaf6e2c1c2f9f41df87375-00631b6357
x-amz-id-2
txaf6e2c1c2f9f41df87375-00631b6357
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMLhDLY2tBHKNe%2FTreLcNC43vuAJRyveq8bzLM9ccTntKFEJAs1%2BZp2ZJaoFFNtL0jzKxJZJG7Tb%2BntbOreoPo07PQnPQGWR1d%2FuftBvVP19KfGtwxZnagNVOnCtR9w3xrrolRs%2Bmq6HIrbo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1662739245697142
cf-ray
74da9ce41ad99a1b-FRA
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
prebid.smilewanted.com/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
74da9ce4287c6916-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
74da9ce428796916-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
74da9ce428776916-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
74da9ce4287b6916-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
pbjs
htlb.casalemedia.com/openrtb/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211e6f05faae3926%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22domain%22%3A%22walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212ec32ee2f17a94%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%2214c9656b3bab58%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%221588fa81f23ba2d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%7D%7D%2C%7B%22id%22%3A%221670bfee6240488%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21410b0529d2eba05f116a99ec420eca5c870ffc7c370224b3919225232a99fb

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97XDiXmQztYcLLGCJU97Y4juwAw8Zi3YFSDuphQ1f2L7WDRODj7dfbLt19LI3UZP2yxEQuGGP6zQYX69sm8UoQHjTs27FQRHPJ%2B6bzj20uFrRof4i8bBnyje9jSMYAPBHg8guqf3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74da9ce44d5c6909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.walla.co.il
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
arj
u.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=91a8506f-9e06-4b6a-b71f-a3f0ce0d4ee7%2Ccd7af347-1134-4856-9d89-be1f519ff263%2C110f178e-ce3f-4b92-9ac6-b952ca84a6f9%2C1067522a-ae9a-4d58-8e01-47768da3afc2&nocache=1663677450901&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-7&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8f20befad9053c6879825e4b2d2071ec2adfcbbec3a2a84196efc19667569453

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Tue, 20 Sep 2022 12:37:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		892 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
f77a83352c60edad41a760d14b706ebfe664f582deed79cd122f2791f5fc88c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
32
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
892
expires
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a75b27e83ebb03509299605716e7d700df425e9a71a15ad1bbf3a066e05483bb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Sep 2022 12:37:31 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
878cb622-6758-4442-a7ba-552685c0a136
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6f067c7eb76737b279575f32bb91eb18e3f4785120adc26b5f77439e372f5131

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Sep 2022 12:37:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
c
prebid.a-mo.net/a/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Tue, 20 Sep 2022 12:37:30 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
19
vary
origin, Accept-Encoding
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
prebid
mp.4dex.io/ 		114 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e604a7d82ddcd2bb7d3ec6b2cb993ecf24deeea12c55b8d2a776e997724f9ca7

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
74da9ce47e3c8fe2-FRA
pragma
no-cache
date
Tue, 20 Sep 2022 12:37:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Shapings: no adunits with size and seat and mapping
prebid
ib.adnxs.com/ut/v3/ 		476 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
508c549c6e4923e86dbf5e002dbd202683b02a6c2a9420ef5648c6f6a8b7aaf4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
39bcdd8e-d859-4307-ad14-c96e4da55e79
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
476
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		416 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=91a8506f-9e06-4b6a-b71f-a3f0ce0d4ee7&l_pb_bid_id=74fd465271f143&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.095013424117671
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f80d1fc0202648b4a929793d6e602b8101e0c46467bc0d60e6c085540b362a94

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
416
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		402 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=cd7af347-1134-4856-9d89-be1f519ff263&l_pb_bid_id=7560ba3a758ef3a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.35792677216839297
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0c3f3c3c341bb479508a924226ba8b8d1733c60ed66182286561566acf2a189c

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
402
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		398 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.29.3&x_source.tid=110f178e-ce3f-4b92-9ac6-b952ca84a6f9&l_pb_bid_id=7628fc416a00cf1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.828023500759874
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
61086c7facf3f810bb53e1d89a16d40c9dd312700775e7b0e719c336fb3df6e5

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
398
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		409 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=1067522a-ae9a-4d58-8e01-47768da3afc2&l_pb_bid_id=7739e444e34437a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.5798645150681221
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
90654e406297b417ee331ba0a0da3a8118d273ec5fa40a288f58f98650b36621

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
409
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.163.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-163-178.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=61359677957
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1428281446628262&correlator=933547238935020&eid=31068457%2C44761477%2C44771143%2C31061690%2C31067826%2C31068921&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403617%2C581680297%2C3350566118%2C627877340%2C4035892786%2C2413266993%2C3423946703%2C941261747%2C3384287594%2C2655517678%2C199863102%2C41169729%2C2603141497&sfv=1-0-38&ists=4095&fsapi=false&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663677450965&lmt=1663677450&dlt=1663677447224&idt=225&adxs=200%2C920%2C200%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C874%2C2471%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C865x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C865%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=718903951.1663677450&ga_sid=1663677451&ga_hid=352577200&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a89dd6c18af335cf9bc676ae725c4378790c0bf1a4b52c4681c7db00d697d380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23223
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-2,38340105,38284305,-2,-2,-2,-2,-2,-2,-2,-2,38240625,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-2,68907848985,68907848985,-2,-2,-2,-2,-2,-2,-2,-2,68907848985,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 23E8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1663677451052&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.2.1663677450464.1827618045&it=1663677450232&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 20 Sep 2022 12:37:31 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Thu, 20 Oct 2022 12:37:31 GMT
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Thu, 20 Oct 2022 12:37:31 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=47b7dbadf2cf6c68752b871e1923449f_1769_1663677450771&tm=1321&eT=0&widgetWidth=282&widgetHeight=36&widgetX=209&widgetY=898&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=445&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
X-TraceId
51583ef404fa98da814fa0fd4acbd8a4
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000897/module/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000897/module/streamFeed.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
272a83e862b01b93f18d36955fc51f754df6e632c23a514b3a8b4dac4ed6713e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 09:35:33 GMT
server
AkamaiNetStorage
etag
"1752ce9074904b2827ecec942cb29532:1663582273.538655"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
14150
expires
Tue, 20 Sep 2022 16:37:31 GMT
get
odb.outbrain.com/utils/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=70524&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=NDJiYzhkYjBkNDlmYTJjNjAzOTJkZDNmOWE1ZWJiNGM=&adblck=false&abwl=false&clss=VQergRY2ac0VbO%2BDkmpp1bSBs4Eb0JVYtGh%2FAbmpVu6JSUgLwF8SPc47gKnzihMCFLbdv24bAwMl23ue&px=535&py=4073&vpd=2873&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000897&sig=PXKElT1V&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.190.132 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10f05beac5a85559e8e61dbb30473efc57aaa3c32177629c9893de09a65f3d30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, MUC, Europe1
x-timer
S1663677451.098788,VS0,VE119
accept-ranges
bytes
x-served-by
cache-lga21976-LGA, cache-muc13983-MUC
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
0048d085956d36afd81a2e2561664e3d
content-encoding
gzip
content-length
2100
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame E4F0 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=47b7dbadf2cf6c68752b871e1923449f&pvId=42bc8db0d49fa2c60392dd3f9a5ebb4c&sid=7990615&pid=1769&idx=1&wId=132&pad=0&org=0&tm=1377&eT=3&cnsnt=no_consent&wRV=2000897&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
2263af160425e85293f5ac6a04a2550d
Content-Length
4
Expires
0
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
938155
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx819663bbf6f24532adeca-00631b6358
x-amz-id-2
tx819663bbf6f24532adeca-00631b6358
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"831813ee9b2fc0d248741417a0e3b488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIz9RbrvM%2FPob7KI5C6vQf50kGQJ7z22f2BrqSgEPWXzs2PuOAL2eh2QGH01%2BWpY4nRlQz67mb64EL5qhd4PeLSvbiALgd5xy%2FM1XS%2BPSd8%2BohNSLHBq5Y3dj3NJu180w8kCjWH3lGJnsCj0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1662739245061580
cf-ray
74da9ce5ed369974-FRA
access-control-allow-headers
Authorization
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
503773
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
74da9ce5ebfa6916-FRA
expires
Fri, 17 Sep 2032 12:37:31 GMT
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 20 Sep 2022 12:37:31 GMT
server
Google Frontend
x-cloud-trace-context
f9d86697ead0920c905cfd2371b52ca1
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
application/json
Referer
https://www.walla.co.il/
x-request-id
3322131f-fe4a-4cc1-bad0-7055f7962279
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-vad-version
0.9.8
Content-Type
application/json

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
47dde01bca755343d22ebbf510dd139f
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		86 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1428281446628262&correlator=1562326982387081&eid=31068457%2C44761477%2C44771143%2C31061690%2C31067826%2C31068921&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2273020712%2C1194681899%2C1073900268%2C2033830821&sfv=1-0-38&fsapi=false&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D936ee16274263aa%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D92f7f86da043f4a%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D90d1d3ef6293012&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663677451188&lmt=1663677451&dlt=1663677447224&idt=225&adxs=1480%2C200%2C200%2C200&adys=290%2C963%2C978%2C2100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C15&ucis=h%7Ci%7Cj%7Ck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&ga_vid=718903951.1663677450&ga_sid=1663677451&ga_hid=352577200&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24e9c9104ff6de689bc0293a898644e71570ae463a8a15e54a54ce9d0db86c64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25747
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
mv.outbrain.com/Multivac/api/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=2000897&apv=false&sig=PXKElT1V&format=html&rand=80674&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NDJiYzhkYjBkNDlmYTJjNjAzOTJkZDNmOWE1ZWJiNGM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=3&lastCardIdx=0&fAB=11731-42692&layeredTestInfo=11731-42692-&clss=VQergRY2ac0VbO%2BDkmpp1bSBs4Eb0JVYtGh%2FAbmpVu6JSUgLwF8SPc47gKnzihMCFLbdv24bAwMl23ue&dpr=1&cw=282&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000897/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.190.132 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6ec9d937bc35f98c00e3eb886b4af45bd56a63189ba8f4340cdf37bb7a3e5284

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, MUC, Europe1
x-timer
S1663677451.247310,VS0,VE161
accept-ranges
bytes
x-served-by
cache-lga21934-LGA, cache-muc13983-MUC
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
9657d3a68b04aab9166a83dfcbd02378
content-encoding
gzip
content-length
2535
expires
Thu, 01 Jan 1970 00:00:00 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=4fb75487529004d83f26d70151e90abc&pvId=42bc8db0d49fa2c60392dd3f9a5ebb4c&sid=7990615&pid=1769&idx=2&wId=199&pad=0&org=0&tm=1492&eT=0&cnsnt=no_consent&widgetWidth=865&widgetHeight=0&widgetX=535&widgetY=4074&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=30&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
158258d32f700107615bca417b41eed0
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=98991&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=NDJiYzhkYjBkNDlmYTJjNjAzOTJkZDNmOWE1ZWJiNGM=&adblck=false&abwl=false&clss=VQergRY2ac0VbO%2BDkmpp1bSBs4Eb0JVYtGh%2FAbmpVu6JSUgLwF8SPc47gKnzihMCFLbdv24bAwMl23ue&px=535&py=10488&vpd=9288&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000897&sig=PXKElT1V&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.190.132 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d5683d58b251220fd51524d94a236369390b88e9e5937e77eb823340ed2db8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, MUC, Europe1
x-timer
S1663677451.267862,VS0,VE130
accept-ranges
bytes
x-served-by
cache-lga21943-LGA, cache-muc13983-MUC
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
cc2adb1837a994d38acf66e92397bc58
content-encoding
gzip
content-length
4037
expires
Thu, 01 Jan 1970 00:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 0CA9 		0
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9ce66cf16916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:31 GMT
server
cloudflare
vary
Accept-Encoding
36d5578ba0396e88eb3e7c78a99ebaa
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 5DC1
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/36d5578ba0396e88eb3e7c78a99ebaa
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/36d5578ba0396e88eb3e7c78a99ebaa
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9ce6dde06916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:31 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Sep 2022 12:37:31 GMT
Expires
Tue, 20 Sep 2022 12:37:31 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/36d5578ba0396e88eb3e7c78a99ebaa
Pragma
no-cache
Server
nginx
x-sticky-vk
1663677451261030-382
v1
match.sharethrough.com/universal/ Frame 9006 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.223.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-223-252.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
vtvF2gBaSkXNS7JK2MYo
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame F480
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/vtvF2gBaSkXNS7JK2MYo?pi=smilewanted&tc=1
0
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/vtvF2gBaSkXNS7JK2MYo?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9ce78f476916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:31 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 20 Sep 2022 12:37:31 GMT Tue, 20 Sep 2022 12:37:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/vtvF2gBaSkXNS7JK2MYo?pi=smilewanted&tc=1
pragma
no-cache
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Thu, 20 Oct 2022 12:37:31 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=9ff65a7fbfa63caf6fc15006a838f372&pvId=42bc8db0d49fa2c60392dd3f9a5ebb4c&sid=7990615&pid=1769&idx=3&wId=127&pad=0&org=0&tm=1639&eT=0&cnsnt=no_consent&widgetWidth=865&widgetHeight=41&widgetX=535&widgetY=10547&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=144&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
7de53470af247f5934d2739c6ced5bee
Content-Length
4
Expires
0
setuid
ib.adnxs.com/prebid/ Frame BFA0
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
557e061a-86c3-4b3a-ba49-b8f12c0fc05a
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 20 Sep 2022 12:37:31 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9ce76f246916-FRA
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:31 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
server
cloudflare
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000897/module/ 		503 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000897/module/singleAnimationOnFeed.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cccfbd3200304986084060cff977059fbd45ff060bfc8a6f1e11e23639fd7453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 09:35:33 GMT
server
AkamaiNetStorage
etag
"c5a65481963146ee65d941ed5d1f371c:1663582271.864685"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
339
expires
Tue, 20 Sep 2022 16:37:31 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=bb1cc79b8c928aeee3637cc3ba49f4fb&pvId=42bc8db0d49fa2c60392dd3f9a5ebb4c&sid=7990615&pid=1769&idx=4&wId=1515&pad=0&org=0&tm=1661&eT=0&cnsnt=no_consent&widgetWidth=276&widgetHeight=0&widgetX=212&widgetY=939&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=165&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
64ae2643779e08b784ee6640303f19fa
Content-Length
4
Expires
0
get
mv.outbrain.com/Multivac/api/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=2000897&apv=false&sig=PXKElT1V&format=html&rand=84952&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NDJiYzhkYjBkNDlmYTJjNjAzOTJkZDNmOWE1ZWJiNGM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=4&lastCardIdx=0&fAB=11741-81726&layeredTestInfo=11741-81726-&clss=VQergRY2ac0VbO%2BDkmpp1bSBs4Eb0JVYtGh%2FAbmpVu6JSUgLwF8SPc47gKnzihMCFLbdv24bAwMl23ue&dpr=1&cw=865&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000897/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.190.132 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd93e063fc68291ae00806bdf2a35eb93ec7160a9d26bf13a6b0b0f235258722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, MUC, Europe1
x-timer
S1663677451.437376,VS0,VE338
accept-ranges
bytes
x-served-by
cache-lga21982-LGA, cache-muc13983-MUC
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
ce1a2362fc5a8168dde342b8d644fcc6
content-encoding
gzip
content-length
3178
expires
Thu, 01 Jan 1970 00:00:00 GMT
connectmyusers.php
cdn.connectad.io/ Frame FCE7 		1 KB
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74da9ce7d8669195-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:31 GMT
server
cloudflare
getuid
sync.smartadserver.com/ Frame 0451
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 20 Sep 2022 12:37:30 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Tue, 20 Sep 2022 12:37:30 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
1
sync-eu.connectad.io/syncer/ Frame 8E4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
74da9ce839099195-FRA
date
Tue, 20 Sep 2022 12:37:31 GMT
server
cloudflare
via
1.1 google
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DA8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0177 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3E1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA7F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6704 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D1A0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60C5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 98D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Wed, 20 Sep 2023 12:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
58aaaaf6-953a-40c4-b830-55a53ea376a1&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 7E6F
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/58aaaaf6-953a-40c4-b830-55a53ea376a1&partner_id=1010
0
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/58aaaaf6-953a-40c4-b830-55a53ea376a1&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9cea2ca56916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:31 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Tue, 20 Sep 2022 12:37:31 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/58aaaaf6-953a-40c4-b830-55a53ea376a1&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame 14E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
3bafef7aa4e37890defcd73f0a080481
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 88DD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19606
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 18:04:17 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
/
www.facebook.com/tr/ Frame 3886 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
Yym0CzpmFmunT9UL8.e-.AAA%261181
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame D155
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yym0CzpmFmunT9UL8.e-.AAA%261181
0
583 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yym0CzpmFmunT9UL8.e-.AAA%261181
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9ceb0e856916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:32 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74da9cea59299b3a-FRA
content-length
0
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yym0CzpmFmunT9UL8.e-.AAA%261181
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8wzqJwtT0w%2BUVeBnPtGIh2EtsPL4NasN%2FRN1p%2F5cG192V7pKgGizDyFP%2B4PT9EghA7%2BgBI%2BCE3e2uLYEcAm1ysbLf38V7oVaZ71YM7cSSBwdEzg%2BUmHK7JZwz1uJNySH2J1j7RUD62deA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A3E1 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 09:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 09:01:24 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame A3E1
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvW2CSWD7tm7Hm_Ulg9DtZV4xcfZvcT_qylL_nvAR99zGkz22Tg82LxmXPaD0rT95eE3pz105N3_ueWS9pSv0k6DkuD9W9pJpEQYGi8kVOCYQE-NlCnrw8_-0tBv3KxJ1IDgSfeM...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:25:59 GMT
x-content-type-options
nosniff
age
490293
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 20:25:59 GMT

Redirect headers

date
Tue, 20 Sep 2022 05:34:44 GMT
x-content-type-options
nosniff
server
cafe
age
25367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 20 Oct 2022 05:34:44 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CA7F 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 09:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 09:01:24 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame CA7F
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjst0icFiANSczdqhCBRN5mKXnrFeF_7lAKaZcEKT188Cbc4oI61bL_eHL4HGHuSJxVzZPOlPhGarNCqvl5y_toe3KQxINm3uckkBmxJwJ66_NlfUoRPPchjWXkdT2I1Ejav25sRi2...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:25:59 GMT
x-content-type-options
nosniff
age
490293
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 20:25:59 GMT

Redirect headers

date
Tue, 20 Sep 2022 05:34:44 GMT
x-content-type-options
nosniff
server
cafe
age
25367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 20 Oct 2022 05:34:44 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0177 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 09:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 09:01:24 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 0177
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsujg6ahlM8FQtjToxBEStiEt6svBvmiQV4Uayvnjsli9ThbEAYwABW0mFY3zqa77zM4G_EIh7f6i92P9W5uU_41VP2MAoomgaovs96eGxKHTvHcJhz6nAkDUW0iBMDcrj2BOlga8...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:25:59 GMT
x-content-type-options
nosniff
age
490293
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 20:25:59 GMT

Redirect headers

date
Tue, 20 Sep 2022 05:34:44 GMT
x-content-type-options
nosniff
server
cafe
age
25367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 20 Oct 2022 05:34:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C009 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCw62oYtpWg0gEwAQ&v=APEucNVEmTZj4RdMcz8GbpMvVNPvKulPJ41Yq1zuja_7gBJ32crHcxZjekoINkwLzlkJNBW-TG2yBVV7A0PukceDFsp9tVlEojgwf4UPvwmkr5RKV9OK0mG8KWoCPlJulHXJjH-NGpLIAQZ5qiYZsnpxosmCaDMtWTxsehBprmpL4ip2xTpObcE
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 25D8 		28 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9H8pdKzNbtXyytEh-iJuc3Ne8Q5kbQIPrhPC78cP0GNxkLFXTMBiKFqKPEgCGIWLmmMqCS8S0dtWQ9uAfGNlN63IowCPn9zTQTwkDA2dg4X6nbocS2xZLxGjCkjEsMFgMi5WCOhsbjGWKT6laBZ3-uimoNw&cry=1&dbm_d=AKAmf-Abnl7WbtLK--l4YwsWhHvSeDx38ve-jw21XX3mdTYA6WIQmNz_jCu3AwLf62B9A40fudHCjrqORmz9U95NHt4hcLbI9M-R2K3yh-lRam1zTsgEIQnT6RTeGsPa_4hJhQ9uUvc1PqmoSwWDEC3gL8utidDKt84deUszt8Uv4zSqdSEs-kNVqzDVNqe-3nq0v-LX-6vc3qznec_wzgk5TcsA31Fg2Ljgzupr3abv0U7qHFo8RJ-GB8buRxaPIC-6SXej_l2gjDnrA94aCXSIoV5oZhG1DcXgDYQ3rtaqzbbB-Z8SZIAswdqJohAd1XPssZQPYsYBpVbhJKHARGsXT0EZCKrFjcPmenVKAXEMKyEnvXqp8NTbgf7UftRFEGJqwNR9i1Xk1TtwfD_8YGM7rAQL43qu0t6VufgWBewisu0QyK-T4889hV_cWdHjvbulqdEFmjI-ggZvaG9HB5a1JswF1mEVa3EmImBMD09hzhho_IO7TSKMXRPPv8c6HLZSOJEDXRYmSLPIpU606_M0LJOuhdzzwc62Z03KgMM6DYAlKvtdWL41xumG1Gia9YZKNyt9ZOgJ7huWUTtCAfX5LSiBH1TieRO46mpQGot1XjFheSQQn3irZgUZgUIPF4ziZlrh5SAMkMyjpyr_E8e-bqJn027czyucG9fMr23CgUXMc_CtVDI1vzSyaC6uR2pZQ5pwGq-0XLX-yGRRS4hIuHDQllyzsA2j0qLD4IuHsg-0rJhqgsl5ehp-bw7K7QHfYyvS8gM08HH-79E7FrdGcpwBGER7YCNBQCNT8Udkl7opDWpqatq1eorxICODdPJX6ZZIhNmIymWeam4uWMx7leFt-6sMaaO0ndEhxqJ0hEV0m6baaCLsh5hpQ2r0_BVr9exWVNfum_6F3CGDDq4Q4xjQW90MEWwceAAh5C6QfdPdWuo25OYwAB4dWlELID7Vi7Ki3weMZlpmbxmxvJjSCSYrmNR8JuVWAtOAsinqheRSTQnQLiOlsc5ffXcLHlLU-IXUw6AxIXBtVvvmgeU-vMv4fGVlWPnp4Gjr-l1BmAkV2Pr2KpScfQUX5a2uJCoHkNbFehqsxdriImEPdSnqRJZ4P_vi9KXzeS7DWFbV7ykYGhioqq_T8bhV0a7HeExQzuPQM7rYANRPw3wAzqyPHRkxnOTklYiITYJhQYDgHL0rlWGZHd0uVAkL6ZeDDNjghiUpWjdT7RQbGsscdR3cseap82JZHHbMcRecYe-KE1htd6el3xkJW0IfTwQkTYvemj2dcUDAUXmLXAa5etzTfnRf97a0-ekPihodsO4ISvA2tR89C2IpBS0K9OURtj_VKOZ0_WVhHe7ajFgKHvFhuJUUthv4tWPCj7jzgyXAkLPqbH3Z_qUa0HTJNGK3m66AocQY0yggafxO8gUptfzIZAM4_6eVH5C9d896nPLB3xXdQZ8v999Wlft6omM1L3LKmRy1Kd9vGnKNlL50ldbNvM621KSG-YxbHl-yzpeFdkDJ6tkgvvw79irSdtfB7YzlVHx6EA6yOBbN2v36NF1hOy9erA1uewimEA8c8HMd4jcYsjGxXETCKh1cJbmDf0OkW2UndUzl_H6nOTDN3TzekPI5KeREXakYH7ydcp9WYztVPb3n2b10qdRSgmAR7lmCMaACKMfOo72Q62JzxEUUbKDMDQogB46eShXILtLezYbR7ahqWN2szk4SVlmHOvV6fDxu4SXqCEybBPAaHC_stI8Gpz2jQls2lUT6IW5cwZHSq-yj8vh2q6-mBTTDeT0Zcpy96odsED9OWn9a0oflYVLE1E0cyckmukNFDit3DPOlESBLXR0Juz6wvEa9Xo6pmQJ1fIUjZfsyzXXMbU2fzLOHMTKFS3Ns_nNZPlmXL5b01j8qCPMz_iYo4szgya-EfsgJMtt5GBkREYQaXBdRxgXvrE0cGbKTmIgn83ZX9XcZuxc0D-0fx35gD4sbxk7sxEu4hIydDbK_L6UM6HRTuPBTW21Lhdq_xYVRwKFzSOOjAp5ttNXRIOUa1SGwX0nLbAdFQiG89FJ0UVPLeRVq9P9cPXE_81EL8DwUdmGNZ8aF74FqWoQb3RH_Opeb_IxkJNnoXyNn0SaVC_ztgZ3REwlKIb9jSz2lzl7zu1jWjcRtVO8ntWTnpEhBVyMnH22n1nF-BIKhMb1T1Oqg1tUideWLcOkWt7hiljpvpP-mpxaSIktXBYwaKbV0uHiyvYB5kLnOL0_gFVLmT_nPh8daWXpns9GCcVSBTisToraexeByqB99F1hrGLHI2qSsC500KnUt4kBXwy1m6h_xOXud84NO8XgYi-i75IydAtPCKlKRGEYgO5viQtF_fhPb9at12LhjOrxaJvRF-O3J0DJLs3qPH9Zz-ZfozTtFb91qFyEFI2UJK1iRFVjTEK61NFo7JNb0mA_-3cCdNZeWpneZBGuu9vYv812ZDTe27GuvE2x1iKQDPRbOpIA0nQZqTRtWh3EmtFYAy9kuZ_f-t7UDeOQGYxkU26IVVe0bqWTxNwigA31cmyYnauUATni_UU3pnZCEERGPrXNIuTALiXAC9OTQJq-PqGsrIK5e-7OwHWchd23L_ur_L-Vp4Gm1tPuBF-aFDqoou1ixAO7VW0Lbx5zsJswoiuMYS7ntqBnexHOWu0eeoCpiEDmDjh_RMLErjGowRvckR7I0V7pJTylyBlFwnkpV_lHIL_4UDENy3G_DJeseNaCOazqmZNoVWu5wzFq02pM3dMhIyhcVMDd0X3XjbffGgkNS0J5x0w8ff4sWd9uYt-87HSMS4s_fTM83OG3Pi1fXOO1lZt1Wz4MxyKgKbp_WLEx8H6aK_BbyKUf1SfZlFfFQaiPZBtxVQNfQyt5xnFYXbjP5RlH0vAJBnjK-kW0EMBSZUkEtPELI6BTwYMnEeaTOIeKd-JD53pB2YVJ7VSG7bV0GZC5cMZGvyPf1YbuvRLFnBWs6Rxj83rE_kouzvaogOfWSMrz5cUZS5TpkEGicdvk6kL4nY6jW6-zrykfiS6NHt1MpU-14fMy90d2zaXBJK9gyvp5Y6oCvaouuu4bVSrakC-iQfqYmnC9Fz0N_rOwlE2qiwqDTo-JDXuxmRCtu7ZBA8k7pBA5W4ubqxBB_Jbg4GQIlPYBMkHU6Ci7NnvORdgF7e0KCCBALlLc3Z6-g-4iWWgO_SIgOhupxA3IY8F_xQFnIi1wYsxUBcFWKMqkAv91KGWbsoIJsmhD57pi5VrfmHSalVGqBg8dueXZSX4Xw6kjYJ9bjkPd0xGBu1yjNwwoXSG1moCnuErmrwQe595_U1qjubKPUOf4SvYgB5meGYrK-uWx7BggY96EAnUP1I8mgX_6Km14WMHN6d-uJRa5HjD947Jrh37-1rMav66rW6Jxvtehz_NVw2_JQS8h5A2NxEptJ48chtKo13Qs&cid=CAASJeRoK803eUsqf8hFjh2-DQlcMZxvRGXejiFcUxASyYVyI4gRe2Y&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bb783745c49044457875353a1cc35aefc6d1d447f78c6e2e031937993c9e440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16837
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 25D8 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8QanT-SSxzmMobCfQ9WGDYodYtvIkyaPlM1lpRlv_ol0PAB5Kq9A1phEaKsWO8lGOTyV3PqEg6fl1U4nBT5FtDxwrnIprMTk52_1lhODx1Fp9qrE
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame 25D8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1078335961&gdpr=&gdpr_consent=&w=970&h=250&ord=1663677451167865&ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCI6NYC7QpY7mfCuSN9u8P6JmYmA3G6bfCbKOs4bfTEOeIjpCLMBABINGTwypglYKAgJQHoAHnlbCWA8gBCakCGQyb5wbTsD6oAwGqBOEBT9DPHCRUoDP-_rod3P0vwfO7YJYyeDXmatjB1_hpnhEb58EM4AcPilSLnuyV5ZOrt_Zq6QkzUxgA4azbQgn_Ry6UdFThSUn9kvSGV3CQCKqJDddbcMPMn2qI4G3grK7nd6Khxmc5qsf9UDKTNwfmKAyuQAJSO5yoTt9ftBUMaT6oGWAV2QmRlZZmlEsGkz26Q87acy6efw7EWTJ_bwKZlFAXRV8R8Yhj2MICzOmaHLmYPHun0VoFJoglayKJshjlf3GQo1Kqtb3iW37AL84RJ_T9PELuL9DoWXigLv59TogYwAT7n7bPjATgBAOQBgGgBk2AB4Hqz2moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4OBzBDQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRoK803eUsqf8hFjh2-DQlcMZxvRGXejiFcUxASyYVyI4gRe2Y%26sig%3DAOD64_2HpIXbLeV1iMydDBaasadu3x-v3g%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-ASPCm8A2Hmf5QirCXOlqS1hxBP-U5U20dwDM7Q1pO-7D9cKeuG43Qf_n7sfSiTKc7c1UIPZVv4S7kCj4yS0x_BNjzCnshANQCBUwtPRI1-0fUZFfHg-YbiS-5UBmGTUm5JFOWec9FLR9Sxuk0OOqmN7ECICw%26cry%3D1%26dbm_d%3DAKAmf-Ctmcmh5WUwL5ghSikzTg2m9e-1DfWXikFlIWJ_Oer3aAoua4QHtCQ-ocn8Z8-AhvWMMAco31fILB2giBtu9bwdqBYhVm01aj2wQMMsWAEmXTj9Y1IPRCJ4LHc0Wyh1N4jGZ3-JVwASp5HlMUyF_HYE0xc5hLgfx4u-YqKOSYMB9kXhunfUqsKta-o3P_MFoGuT8MYRRcuWdY9FCLDqccX2bZAGtF8F5gbsBn7Kn9Nrk6PZrYbFINabna9A_OjbKLToBzjRFL4TTU30fGhTgcbAov-g_Cq7hwgQZsENTtXSUubF2SB4pv9mmVPZf0ykUpJY0od9XD7-XN2ogcv4kwV9DyOEjFFA-4beUCB0ADlYkThjbTMzSR6C00kcBThlCZTQvQ9H0BXJBhwXxTUr_TT_XcpHhMsi3IebGxnP7XYOZd-YfNbQTcMVEEMmw1SJH0mn3ICFV_8zF7bLtsjk4_yUgrwAxXDuQaHJcxWB9oxOBiasTGtCIieayyOyKAfq-9tbHbwbtTBaNV7H9rvDU9sRivUtqg%26adurl%3D$$&ebaddid=$$[Device_Advertising_ID_MACRO]$$&z=0
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.79.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-79-58.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
22f9852fc03b5fd491c82dba0d74246740272573b2b206ab1039c115b9d18075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
5788
expires
Sun, 05-Jun-2005 22:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1153208/65390207/ Frame 25D8 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/1153208/65390207/skeleton.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.78.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d7cae7cc6964d7ddd3374db2a2a4b444ea2db2770c1151a9a900f11506a7f273

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 25D8 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=1008835467&campId=18181863752&pubId=1&chanId=5855464769&placementId=440928950&dealId=&adsafe_par&impId=ABAjH0jCvM0iH5WXJ-fLHqajBJOC&bidurl=https://www.walla.co.il/
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.78.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
feeafa2ecf74ffd3d8617b2e9dbf5ad76c7180c564c5d5b83aa15956f551f892

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 25D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:37:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 25D8 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:35:18 GMT
l
www.google.com/ads/measurement/ Frame 25D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ56ty3lU6TV9JMSWVFmcCrC73b5X9NNxnBQzHJzhUyqgORvWF4YHzT8typClKM2O6XpLtDXfP3ANC9tI5n7U2c3xBIYA
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 25D8 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 12:37:31 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4DA8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIBYoC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8AFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZfuhCKDsHo9V21_hBADd7J5G-nFnlXoKInekjiXpq5GvnHv8d5nXrgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=q8aHaMSg9L8&uach_m=[UACH]&cid=CAQSPACsnQUxzxWQGf9v2og5DcAItLM18uDp_27jPoMdOEmU6Wh-UQGr1urTiMR3XThNHGRvNpk5j7B-ByeAlhgB
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 4DA8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k437E5PxG6wCyAGdg2ICAgAAALjck6Iuirl4UwfGnKm6Zz0QCrQpY6ZPiOvfFjVff2nkABIAAA&wp=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
server
Kestrel
server-processing-duration-in-ticks
313200
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7FA1 		148 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5c08390419ff0e4331d4f91459b06b091a443aa1cd789c1421c0fb880a0473d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=wFnCK7BJsU4rBnsx_aFvd7Gkh0dHLfiUTc533XwyvEOnvfaQ8ep1g5LqZOEne67AGYbTzx0BIvzYBmcibGr0ehST9QS8JX-5RMrKHd-yn_C4aNGTvP_30QuiTfXHaLHo_dwfvc6S08yOILGYOThAaSlgAEni9ZttmSOgCRK_wm_we6yaRS8H1fk6cMX3YcJHPWoVJyk23OzpE24dzRnf0P3Y13YeC1cZapB03TWl7RQpRHIbjcrl-mGh4TR602Lm04pxAg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
125303852
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 4DA8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:37:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0CED 		1 KB
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Wed, 21 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 4DA8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:35:18 GMT
l
www.google.com/ads/measurement/ Frame 4DA8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyUESixqKWg8_NL2wSkt-cVK4iTKiRNoWfHp8Y4NIXLEiAB4Q96kx6kuLJ_rPB5U0bejs1iJbohKVcIW3m5Fss04UfZQ
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4DA8 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 09:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 09:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DA8 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 12:37:31 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2C3A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj31JHSATAB&v=APEucNWgRks_7xQtf3FOClJfT4ztpfk-Sb0CqgryWsI6lsx-M6jrfuQMQPpyPmeoxqZGojqysrS6TLxPpi15J-pFl7YXDkNV2wXfRcjSikYV7f0ap0NGF-t8vB_JkyGFunz82VOzPqmzPZSZBLx9LiFPeqNxSuB8kMa7f6g7Fuzg_WF1yPPgiws
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6704 		81 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVcbWZvEm3jqUyaPRjZfoVp3Q2AebAatZsYJBGqMbKRvJvUMWyi2RTRWGWhpovA1nRw_YOJZupXzc8_1F7XulPBOm0Fw&cry=1&dbm_d=AKAmf-BhrfeT_G97DpO9e89CNgQilxXJrCnkmR9f2rYiSDgJF35qXd1JTv0MUcHxHInBuUdX4hv_x25HJwOvgs6jTqmQZk90E9mR2IT756LhAeRcuhDGTs60sCKaUKyzYM1aQVMYR6iQivzhIh7SoQtXDIBxSRESRrjqPks1wwsoGcoylBjTrFDBuyobhrr1HO9vVFFkf-dWXELcTmpPoYvcClTiZXSxj9F-byBQnTIITMrg6KfuykZP2-Ep75eAMbSWug6cUG4Kv0Fbu2pr5SkT15f05MSl12zeG3Ew6D7zkyZn0u0fbumtxc6LQfJ8xoEaitHLIb8E7lBJT-U_0r85xUs7E3fkwhIQezqU2c6VefisR8fkMhMLlf63cVVw_lHUYlYOf5ffEzo8mJQslz7pk9xxZm5JcalV-kZHpM8gcCapGuGyzJA8bUlVq7seJSgmmEud2BBJ0uBArcT7t10t8wXfMURzXBUJpR609r-bZ_HXSpgtgRh5Msk1tDD-TDXWGND-5fX2tB6gH1Fn_KBWB0R58f-0kv9ad-MwMIQz02FLECdaY7HAKkUBH3CqncFjmPYB1JtJ3GNLYWNppKCKoohLlp0QztNydnVE6aPi2MM2GgilK9wWxvMMw9IPCr07tEcXQbYt3U-7_NfqFze5vrUUER9igZMKeun90ynkdtMYlFWzA4NB_2Zr_BzGFRHh2zk-2cisOm5Ia8BwX5Tq7NOxFsTNWk6SrXs4DyZ3lL5iDoiUHrKZVnEqb-ytzUGLlXZahrb1K1IPcEYSlZ4TnDSiXfwYdJ7igK6ebRy97PQatJUVm6_AIUzC1JM-Z2FthmRKB47eEQSaEnGxJ-0py4tAGotvmxpNw0yp4jT_zaSmnHoyIAWUJCemQ1FdWb0M4WtvdRTxh3oXuVDJ4TB65tpOlOn-WulnQrb8RHwFctLD8Wjj_0wMUEcwKoaOlAID636fHRfcadXctLdiLNmwoFe77zDUWmlBgLo6HkrvzLIIIr6veZQr_ST_LKu0iH0FGakBPZbNyxob_VlJ5XPsk7XUVx_wUP4XKiF_dobzuHG6EheR_ADoan5qZKND0u-n2KZ-PykDMB5LBLNUaHNjG5vk2Q-awI3AJhcS9Qiq1qUZDmu4ldBjWRtFZJpvd8qSCaaOMf3cDyPwBzTH6KkjbWbCAxwB5nml7eeKWDUensYy-4maxKOkNt7xs8QPKzZB31xzngQaG-c2i_LtfFTM2JDXDLiQvOJx-LrrSdNhAof-1K60hhH8Y-eeTGAazajwBlIRZtXgJieU00DxVW9UH_SHHgu0mElgpJGf_Pkz3BW4GSCQQwbDAteLFAqhuYPRjM-fkC4uv9N6UczaemdBSy1Byf2o_pmrP1Gsu_bjFXN4V6quANvUAsRkCR5x3mMr4UFV2cpDicTVnknIStA_cVYtpF4ailBuZVvF_Evb4PY-TIsdZaFnSlH6DMRRzgsKbNqY5ScgjM1SfN5N2DmXE5XK0RK6r7SMPxphM2rbZzvlwTNX6tdAqxv33xwrXADPEbyct9rCWGGefz_uMjesDm4mS-1w-idoYEE7_Xj4_HDchisXpQzJVkezFWwt2F7H-nvsFBSOLE5NtmokSoCBXUAOtijGxh4kRObyHatwUZ6gVxt5EuAX-cOQBUsfvJ8TCqnl-UU6xTWVK5I0-qSKdMoIbUUsAx25KqeK1Si4XigCyzWUiR_yc8TO-8TIMo0zU804PB407aMqHBuq32kL0QoJMb7X9fgKH8ptc-efnspmUPuYpOnI0WN3GuWz8_Gj9Iejhi6r3BuIDZHUXB_0j_P-LSo4wT3lS7wV4EG1gD7gQxbl2elV920uJbY0avK-hBEE1ASH98zLpr_D5wWCRe-FmIipH9xIMCYdrkHheMC7sG0pLn5pvvB8ZCWSKY0bKaH4-o6SOMRNix1Xgb-_-wOvsJ2341wnI9vVOmobwXFtStTaSTDXYnUf5k3vXovWZIz9vTyePXxWqqA6TD3b2lP3fx8UdIiDwGaOjIg_Qejpa3d0JoLHIae_bCDMZMNMWE2uPj9glP5CakH4aZFk_mk-2qj5XWFz4B_pZQW4b-q9GsFjjAx3YrCnqlsyVz0Q6AzZOHXNPwd-hDGTFlOAt0nNO4cbej448zJChjhsxXHtFNAT7058wEzQaZ-fKDZiNFRIAF2JTMGmvacZFEVMzcemcbRR0OUbD71kURJOW7jBlfbuMrtFeMclNIqXpHaXpvmO9uGvokY3t12N7CdxvRXzjhKBupsOEfiIBG1U5mKGQh_jWE4hUP7FRjc5XEiXCtWlq3TN-eb33a9tfnnaZ7ROPZcOMTjArFLJ9UDHxJOtGYi_Vv0qknkAntjcLUXGvcZY58sHsTTsO3rLtfKUeqzyDatF6dpsHndNjQDsprWYtgjAn9dUqScbgCj4EzJCAovI7eCtfbNZj5R1IpxYbSMdSrYTQCJUll2KrWDKfDvhlL7cjnVRq1Kya5GU_EC2m2AfT5EjNqwhvwLoRXfykSMmUhlP8xQFQv-VVGiGz0u8eUOVHsWioft82ZyzCqvHVj1R8vQ_Q-LFd7S5iRE4oZCLiEEWCj5rzfqGQ0PIqnLh7qi6ZUDyfSPmLEQfbimd9_-5SPHGcplUlg7AlJj8PaB4bZJ9RsyYaXcSteKT62d7ghUEyTCP-dmR7Km8DK0yK_yw4s5JrRBFr3_T6TJbHQZW2QYqgPuGw7vPNv68zDaaJK-w85PIoE93nAUiu87ZvTz3rP_6NQxfsFISQJAiOR5dUcIKynO84uNAhYJa265gFBxrE0d7DJOgp74JsOWxkyFjziCqZ44xSVnflK2UIRnAu7lion4w0QM3415oN-flV0YwlYlVk9sA45XnAY1QxXgWvYZdfrfQ-r4obQ6bD07jai0uicQfIV89zCg2b23jYJzoqIy6kwxXkMgHjzWOwLr-y927Eybeza-t2vFEOlah8-jOcJJGUQkFoxY9dS0i4gSG5JTC3V1d47kbrQGbWCjIGj7ObD7s9ChNTqLKeUqBNYiptkAMc4IWIOtJIptOZnXfbyJCzKDMz_AO0QSkShLGzPFOyEZimTjoBUzbxxMdnwdMV2m8DpWSATjL501rhyc9eNXch7rXSMhY4QY4rR1pAy0KRls3Bsly3q9CtHtSESTy_tcYX0BNkTwYTtyx4nzVkhAZOispT-OX5fi4L6lPxQvcZEBoBXNd3YGjjQSnei6PWypgJ232r0mahQoIp8vkQUh9UCsU4i3tBU6g-B3lbaVqDG4cIsIknLpPtUQLuHevqV1-NOfrcCIeg1GknAoNa5V-SQBEX79pmB83QsNc46jmcjNXwVgNM87QATyCwOi78Q&cid=CAQSOwCsnQUxu2NAjaEoylVtnrJRxDSzGXGT9SCE9FDKilrk8AZ24zKxNoRs1YFisgFitOy2aezu1OLj9mSvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9b55f58001f9c727e3678d0883448fa3b37dbe8f4afa62045223dd41a2ea56a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34242
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6704 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFT0iRffFUVd0R7nTwvtYilHMMP9Sa6AW_58OscGCH9bcoEp7N4AL6SVGfifinc_9fC_3Y5PklEmrQcZP5uXQUsgys5ShTVca5Y7FNJwbjZUqb0Ig
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 6704 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:37:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 6704 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:35:18 GMT
l
www.google.com/ads/measurement/ Frame 6704 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRHdGxxfoToANvQu6jRXK-4igAvTzlxL3JYv3jUtXAMd6H0Xoz8_ohDrUoaXUGMRveBIwfAWKUhIYg6IpBqL_fqnmmxw
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6704 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 12:37:31 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D1A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cxgt3C7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3bYdykWIK-gvguGSajx36SOsVxzU9dfi_-uWR3sU-VPXySZ7GkUzgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=BYd0zIzZJ0Y&uach_m=[UACH]&cid=CAQSOwCsnQUxu2NAjaEoylVtnrJRxDSzGXGT9SCE9FDKilrk8AZ24zKxNoRs1YFisgFitOy2aezu1OLj9mSvGAE
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame D1A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_mbC7r5RKwCkAOdg2ICAgAAALjck6Iuirl4UwfGnKm6Zz0QCrQpY9SsK0fAa226clxdABIAAA&wp=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
server
Kestrel
server-processing-duration-in-ticks
188474
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame D2E8 		132 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08f2c4716e3b047abddd2876c7f406106c6f54ebbbebdffd75458777c0712c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Lx1-27BJsU4rBnsxVWneR-Y4du8eQpb6V7MFTJp-Er9TVklfEr43kwT_lJGfFMziB32GySTPVlbEOdhrCpBE91a6xUYs-EFK-x4ldYCwGoDh0uYswJ7tKQyCb5c0Vi5TIuZO9kPLfEoa0cS9vzamtIMilL5xec70nbjruWuKpLpBOFOtld5L3SM7_chmqOVJA6TJr6bNeWPZirv9BDFj8TRbtXedkRCQjfk3cfNAH8hJLIRueDzB_mvLCTAoEWCQyg9nbg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
76593769
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame D1A0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:37:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 70EE 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Wed, 21 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame D1A0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:35:18 GMT
l
www.google.com/ads/measurement/ Frame D1A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSg3DPzVpiDhGN79RtZUY02oO8Hu-1Ypvp2cUvn4rZifb11MgMBLSPqR69nQfE5XKS_2yjVgS8aLSKiCyM1C5kv4y8B3A
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D1A0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 09:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 09:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D1A0 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 12:37:31 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 46E3 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhju05HSATAB&v=APEucNUw9rRDgGwDKflMM5DBMvoPv3iCPTBFOhO0dFGEA7X9iHzXH__Q3BshQSc48HVvLFyLqbwlMnpx3HFK3-Nt7FolUgHps_b3EEshfCNt_opqZCPbxxgt6QitmtsZEoqI5D0h2nWRVJmjOXr4K2poAYVr3lVxQiN_EDKmCWxjVYwL2a7bGxw
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 60C5 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyQUjKVdNumalDHMCohWBfr1RYuCznVLpSE0a79LBGJpSeR-t8ngV9vL7j84ByxsF-FFa3d4SskiomX6mO-TjX3MmuMQ&cry=1&dbm_d=AKAmf-CIpMpVznZWI2-Mu_LWuOInmwGMsvwBDh4Ni6f93XpBb19pS_2O3XDzBp5u3AcCi7XTqNNPUZXv_i67o3UkIRMG_qvYEfPBK9vDdzK-SJ5xh73lxcdkCEHKqPIWK1enOUnVHUNOjI4rj0-8xFTby5fvE-bz5sy73RvmQaXFaooos_NAb4Rwd_5jQvyd6kjbySMu6JW5gmYaSXV06SkIGctTz2UkBN5jwbpm8JLYa8u0o-pNo0gnsiU6GeTfQOP8KDZCnYexxc2cUtiV3Ykk_Z1iGBQOZlqkLaDgrf545bT2e5qEVmTpjp1gFgIFQVULAgQvg3XooO0QET4nu3JI2G9dD9xN25J2nxv_mOewWBPoQrBQyzCBAklXmOgqpP4Wf5sVxH3LR4r_otI4WRtvMZ1sNeriIPoEOlnU5a6uPGVyX6f1STdMj6Q78UQBRZM_454jXzY19615oMrFZ-0YedNK1akwcy-ETqeiIyMjU4MvGDFuNft1AyOctGkTOpdVxNZc80zOiJ-OgRsQlG0auMybvq_OfHd-is51ScoW5kR6QdnazDevwc9mUSC4MOzOklUrlBM2pQlwlljZRywGseruJaba-QECqV0HWiWJhQGuJBEn5JlHbiMA5GNGxDK59q0jnB0XQhEF74j4ubQVvRxTeLMLJhjduw5MyENfSnqSSNWev7jYO8ndIrViy4BZxzNBgpahIW71pk32kR3pg9SBjaSvu3UgUJerN-Qmy3BgfImKXRz4awM-nsJ-KsXTtSJ7YwLnP0YC556qWEZW3axORz_mxU1v5QFcgWbcTjH_gk2YRZlvCo1ezdsoNCqws3g9SKRYYV6NcCOWVUPqwcbpzniWHlBWOkbO0f2Rq0AW6t1jPONFpG6ergtp1g6XbVjgebvQauZ3SayfxKbYBxBx4PJAbObqajivOdiTLFMT5OtjbBLxVF8ZQ-3a4GgHsa739DvMrem2dD9ZSWfSqlWu7uS4mA41KXmBc-GW4rDILYbZdxT89AJnWzSLeopaSiRsZhLFRjl4K7hSGR5So_50vfUfkuEMUfjsUSskpTgZarw6OaY5APsLzX7AVS1tvWUIajzcu7PSwGOxTWweHC7gavQvXk3joh-2VP2Xit7yT5g0q5B1w_B2UPobu-y3FGgFhzm0ye89PIq703inGwZjh65t9eXLFfpZHM2wt1PzbrwZxt_4rrH0W0yOQ5xBdKT4rpdVrAtEy2kVamnLOnH6MP3IE0NI_wD0-9IAhbivUew8ptuCM6zZb6zrIdYruW2D8t3yq5HBJUn8dj823t7L8sePs4bxfe7w-8_GRFg_yec_TFq8BmG-RCMGJ3Eojf2nub2sP-xtLKhe1vhctlXT_sNLLBwCd7wJQNytj1fEHf14yxOE-HGzi7duGDmoKY2_odxL4Bn-sknXRTNod-x-fw8H1TD-U5JJzX8LDZ40FDF0SvtIm6XyunGUZVDXA46pcRqXq727nu1rj81zvpZjIT4N9I8V_arcz1RF5uraNn_xqYuG8lKDA2Km6QTrejFA2PbTB2f3gM-2ZbvIBINIIZUCiUUmOLWUsbEFlMhBMI25WPC55uR6ACyM9dirzJLad19BwMPX42IH00a1Yy-72kdrkC3gzaJL9hxGrb0P9idOBqmPjf9c3xhn5qUa-S90lPw96nYZcGg3QmVFN75E4zKKENe-svVYu7is790WePy4m6rs1ljYuXcAJz2GsG6Z3ch9SLTIN9uuCT3MmhLB4YGjBORzFvjCLxcItID28yP6DSN7j763AV1zsHrLk8ykuK7CObqRQKzV7fG4kyd5m8klqOB7-5iBraO_SMsfzw5t6ZeP4LXMiOBYm5FBtXwpDnYqkj84rOGx78PpnfYAnk82FByuT8zufgql6eVvPAZMeOJ83n7bsynqR0kkcMK46_lCPCbDEhzICelE5DNZN-Cv97Sb-fza17WjlM5gjbV3nC3CGojcExzZuEGHDcoIRdQibCIlREEpi3c3h9K0lIEQ8m_VK6q9F4lYWEPaHebax9mtexl0KAUVHAkUXDbrM3_XRWX2iYcvPa84Yt8qPTIzclPlo-UU-KswujBhB8rTpMSp4XTIeBBAjsrmLK9A-r1_LSSux-KzKvMPcKm1l4xqwkM1pMJ_ZRmZ_uQ60_aIm8-nasvgRsKUsmGEhznN1OCNQ_prd90OIOguhqf-guWvJCUPJXeIwNt5HhOkl2zAUC_j1VpDyYGGtudSnH4OdaF-CmrZWcf3Rr_zkh7yMjDjdNsHwU4QnKsJpw2WKYAX8kDt9lMLQGQVo4nhAomCQnUDDJdu7InMjYXLvEHJeq5kd1tm6HqqDXEKvb9Ecnx6JBpBt9PYbsczUbjZOQKhkO6ER92u_n9mTymOYy7SL6j9BPHHIHCciJa_F_bm90Fr7ZY4AotKVu1f4uqxHhOzcd2e_aEltSC9eVdu7ffVP9mO-cjr1jqVlwt_VlBdcDl5wtywgc5dQMP7T2rk3gUgEMlIzQ5R0tIaO_xgVjMANc6h9F7tEQEVuyLtMYQ-wBOjdFUka8M-RnChJKGA81MPaqYgwdpxTxj3erhv_8xu3B0hVV6czRLt1_XAnRw6Pv4iDrsNbvsvIUGcoM4u1_XnvZo3kXvrRYzIDDWS8xNqybyggEA9qqAeIYnV1FiZ8_7Jn0W6fZV3Oy9VTiqfJkh-DU2Hdxdtb05uGci8RL3nI1z5P2uT5LXx5BW6Z-CJgENBaAsd6FjA25UeWR77kao90ao7CbOdnwqtjue6ffo7ioE1WcnGV0eGCZAOJl62f16e9a0HaqDPG13iq6cO9elaORaUFxae0XwQkWZADfG7atfae6IoTTtCQuGnBCtpx2ttQPlC37upLuRfVOZhUymIz5boB7ozMtAUbH-nonSKEkTeYLD1Xwu2ArNOLjoHogHJBpzFichm1P8WLfAN3NEjAnFMGXjmQJXscweKF4vTsryt7hLXk3nWVlylFb8h4ZbE2NLE0asJNVlEt8TWA8ELN2u1tu3pZjzGLXcq_Giasrxvc53QC859NtAYkQiw4CmVyANh4-h98Kjv4chytN0n-p7czNbCwbQH5lACRjmMaIE0mAAF7aPF6R8x9lANZZq-D812y3BfBnfjUpcl3OY7Vekm5R1T22KirEg1E_Sr_y43_VXM3DwZMDAfPLF5o_SEzMMn0FRN99ffpQ04fO8K_X1pMIoVfIQwRtnoef-aequU06SlASe5XiFLFysue_FJccr_or7DUxnCRBXYjsOR0IwAaA9hrDqwoyQjXMdlFstN5vGoXRMX_VYS2LegeP94a2m97VgY32z5segw30rh-BF8fF9SsYK_hWJqyOmA2oeInw&cid=CAQSOwCsnQUxu2NAjaEoylVtnrJRxDSzGXGT9SCE9FDKilrk8AZ24zKxNoRs1YFisgFitOy2aezu1OLj9mSvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c5c0ea3d8e29243e4f5aa2a6d3304112ba255a541cfa8f5225b40b1b301173a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60C5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B867tTEuujWFldYABj7V2PTYFK4PDEVP2hvqg4zfSq9WH_FmFW-LzxrwiCKvueRmh-Em0o8jL7i_UhEviyuvW8cv8U4lYqVlMtD71Nr6R7485tNtw
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 60C5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:37:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 60C5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:35:18 GMT
l
www.google.com/ads/measurement/ Frame 60C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBgY-501Zy-oWXRXzbfdF5PfQ_4R6a6H4ZO02vXZJZ9vKdDdeUXGzuWmXuhYp1ug2KPqSoD5OCbona0Cr5txjYYR-u8g
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60C5 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 12:37:31 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 98D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cyq_-C7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_AFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPxxemhPjOa6p_P3mSuFEnKpP5Aq92_eP_Kuj9cB6pBxIoluW3OgbgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=PatmLYSL7m8&uach_m=[UACH]&cid=CAQSOwCsnQUxu2NAjaEoylVtnrJRxDSzGXGT9SCE9FDKilrk8AZ24zKxNoRs1YFisgFitOy2aezu1OLj9mSvGAE
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 98D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k437E8c1rAL6AZ2DYgICAAAAuNyToi6KuXhTB8acqbpnPRAKtCljJEGVDTypFEoA3XMAEgAA&wp=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
server
Kestrel
server-processing-duration-in-ticks
284973
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame A801 		201 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a1681234a96e53ff6b079b50051b8b4ed63ea554531d9a02dea4c9d59e8ad89f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:31 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BC2WrLBJsU4rBnsxKegxMU8_8OAE23jH6B6Ms6Hqn7DOKhiMNvH5EGo368ynUd8S-HaD19tnjlHifZgA5KPz2CwMqcPor_wT6qrwEAH8CyRbTw47nppu-D--cInkX4bztvH3Xd-4AriLpPDTibUMlC7m2frSWs3UoGqB1mYOgBmLuzmJsldpLI1V14imCrz0fSCveAXwfAyPqa84vPoBxOy1R8rxH7M3ouDLdvX2FZcO9Yz0pfBQMllnuuqgxMqHjBGYJQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
136540668
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 98D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:37:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BB51 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Wed, 21 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 98D8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:35:18 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 98D8 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 09:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 09:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 98D8 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 12:37:31 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 88DD 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52787143&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:30 GMT
content-length
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=bae3708c3028858b7e8e7e6527ab6f7f&pvId=42bc8db0d49fa2c60392dd3f9a5ebb4c&sid=7990615&pid=1769&idx=5&wId=1515&pad=0&org=0&tm=2152&eT=0&cnsnt=no_consent&widgetWidth=859&widgetHeight=0&widgetX=538&widgetY=10757&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=487&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
4f116072f9126a8e92fe44fcba4b45a1
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=4d2fd4201fec61bf19e7d1168dce338f&pvId=42bc8db0d49fa2c60392dd3f9a5ebb4c&sid=7990615&pid=1769&idx=6&wId=1526&pad=0&org=0&tm=2156&eT=0&cnsnt=no_consent&widgetWidth=859&widgetHeight=0&widgetX=538&widgetY=10757&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=487&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
63438e78f68b63d2108335e5cd598c00
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=5d3eab957f384a977b43a38867b7a5c7&pvId=42bc8db0d49fa2c60392dd3f9a5ebb4c&sid=7990615&pid=1769&idx=7&wId=1515&pad=0&org=0&tm=2156&eT=0&cnsnt=no_consent&widgetWidth=859&widgetHeight=0&widgetX=538&widgetY=10757&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=487&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
325c39d75c18a9fee143a69511516b5f
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=1249f66ab059bc78f645b7f62857f39d&pvId=42bc8db0d49fa2c60392dd3f9a5ebb4c&sid=7990615&pid=1769&idx=8&wId=1515&pad=0&org=0&tm=2158&eT=0&cnsnt=no_consent&widgetWidth=859&widgetHeight=0&widgetX=538&widgetY=10757&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=487&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
ebdd14d32aebdb64ebc1654796d37cd1
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=1e3d2987ead0a12aee59bff92305ad43&pvId=42bc8db0d49fa2c60392dd3f9a5ebb4c&sid=7990615&pid=1769&idx=9&wId=1515&pad=0&org=0&tm=2159&eT=0&cnsnt=no_consent&widgetWidth=859&widgetHeight=0&widgetX=538&widgetY=10757&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=487&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
41ba1c2a4cfbe96c449d32cdc47e4f8f
Content-Length
4
Expires
0
events
khn.crowdad.io/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.99.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-99-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Tue, 20 Sep 2022 12:37:32 GMT
access-control-allow-credentials
true
content-length
0
events
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.99.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-99-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Tue, 20 Sep 2022 12:37:32 GMT
rum
dsum-sec.casalemedia.com/ Frame 2C3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj31JHSATAB&v=APEucNWgRks_7xQtf3FOClJfT4ztpfk-Sb0CqgryWsI6lsx-M6jrfuQMQPpyPmeoxqZGojqysrS6TLxPpi15J-pFl7YXDkNV2wXfRcjSikYV7f0ap0NGF-t8vB_JkyGFunz82VOzPqmzPZSZBLx9LiFPeqNxSuB8kMa7f6g7Fuzg_WF1yPPgiws
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74da9cecae6b9a0b-FRA
pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXeFzmTz7xmdgtoEAOzQ9hbwTXnkRga%2BzNlY5zYluh59LWzAyKRImldr2bBy0c80Y%2FYpyoX%2FClQPG6aa4Q2QqeZe%2BuLqE692Sewq8XYozfhovC2NjQcmlZFq4e96fBFxbqk4it3dgfJrxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2C3A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym0CzpmFmunT9UL8.e-.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1&google_hm=2
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj31JHSATAB&v=APEucNWgRks_7xQtf3FOClJfT4ztpfk-Sb0CqgryWsI6lsx-M6jrfuQMQPpyPmeoxqZGojqysrS6TLxPpi15J-pFl7YXDkNV2wXfRcjSikYV7f0ap0NGF-t8vB_JkyGFunz82VOzPqmzPZSZBLx9LiFPeqNxSuB8kMa7f6g7Fuzg_WF1yPPgiws
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74da9ced2f229a0b-FRA
pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuQMZKShdcZarkmAgv3je7ELMrQkZU3RyaWY%2FYuJws9%2FyHraxeFUUeCky6cLhnaKgsgd%2B73%2FVRi%2B4X2qJqgzP81ruCldpIIVOnTf%2Bf8TflGTOR27BpcgdOYik4t2tT3Ed00Z0WLIYnzJJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2C3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKfyYe2156tKDT4o8OFL_R8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKfyYe2156tKDT4o8OFL_R8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj31JHSATAB&v=APEucNWgRks_7xQtf3FOClJfT4ztpfk-Sb0CqgryWsI6lsx-M6jrfuQMQPpyPmeoxqZGojqysrS6TLxPpi15J-pFl7YXDkNV2wXfRcjSikYV7f0ap0NGF-t8vB_JkyGFunz82VOzPqmzPZSZBLx9LiFPeqNxSuB8kMa7f6g7Fuzg_WF1yPPgiws
Protocol
HTTP/1.1
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
94426c98-37b2-4fdb-ad2f-bb540c68cf4d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKfyYe2156tKDT4o8OFL_R8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2C3A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj31JHSATAB&v=APEucNWgRks_7xQtf3FOClJfT4ztpfk-Sb0CqgryWsI6lsx-M6jrfuQMQPpyPmeoxqZGojqysrS6TLxPpi15J-pFl7YXDkNV2wXfRcjSikYV7f0ap0NGF-t8vB_JkyGFunz82VOzPqmzPZSZBLx9LiFPeqNxSuB8kMa7f6g7Fuzg_WF1yPPgiws
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d85eeb6e-23bb-49b2-850a-c1331b34ca4a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C009
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCw62oYtpWg0gEwAQ&v=APEucNVEmTZj4RdMcz8GbpMvVNPvKulPJ41Yq1zuja_7gBJ32crHcxZjekoINkwLzlkJNBW-TG2yBVV7A0PukceDFsp9tVlEojgwf4UPvwmkr5RKV9OK0mG8KWoCPlJulHXJjH-NGpLIAQZ5qiYZsnpxosmCaDMtWTxsehBprmpL4ip2xTpObcE
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74da9cecae6f9a0b-FRA
pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6m%2FLFNs98Vvg97GIBEP1LZ014%2FCFh851cuZ%2FpgbCixB9YEk%2B8s2rxmjJjzoyXuec77klvIhjXruNzPmPRdZfQFAOm2Th5kknhhm%2FIIxolszxIrIJkCV4olo5YtM6E5wf7Y3mG0M9oB1mg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C009
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym0CzpmFmunT9UL8.e-.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1&google_hm=2
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCw62oYtpWg0gEwAQ&v=APEucNVEmTZj4RdMcz8GbpMvVNPvKulPJ41Yq1zuja_7gBJ32crHcxZjekoINkwLzlkJNBW-TG2yBVV7A0PukceDFsp9tVlEojgwf4UPvwmkr5RKV9OK0mG8KWoCPlJulHXJjH-NGpLIAQZ5qiYZsnpxosmCaDMtWTxsehBprmpL4ip2xTpObcE
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74da9ced1f1b9a0b-FRA
pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FN%2FpzYmJtD8pBrv6NQKj0wF56xdooe09ch8DQtc3sGlgpMpUfcsnG5HxHVdEE9BrWF6c21vFYVqavKi3PYIycsDzWEzNs%2F2B3fv7vAmiBpsMRDAHatx5UGxjf0h%2FYDN9ycjzG50o72ignA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTfpRGxFPsiLGbQfYJh9Xc&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C009
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKfyYe2156tKDT4o8OFL_R8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKfyYe2156tKDT4o8OFL_R8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCw62oYtpWg0gEwAQ&v=APEucNVEmTZj4RdMcz8GbpMvVNPvKulPJ41Yq1zuja_7gBJ32crHcxZjekoINkwLzlkJNBW-TG2yBVV7A0PukceDFsp9tVlEojgwf4UPvwmkr5RKV9OK0mG8KWoCPlJulHXJjH-NGpLIAQZ5qiYZsnpxosmCaDMtWTxsehBprmpL4ip2xTpObcE
Protocol
HTTP/1.1
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
e52cbea9-3d5f-4c93-bdb2-4f02b0b60694
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKfyYe2156tKDT4o8OFL_R8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C009
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCw62oYtpWg0gEwAQ&v=APEucNVEmTZj4RdMcz8GbpMvVNPvKulPJ41Yq1zuja_7gBJ32crHcxZjekoINkwLzlkJNBW-TG2yBVV7A0PukceDFsp9tVlEojgwf4UPvwmkr5RKV9OK0mG8KWoCPlJulHXJjH-NGpLIAQZ5qiYZsnpxosmCaDMtWTxsehBprmpL4ip2xTpObcE
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
238f5ad0-0881-4a52-a0d3-b6742cdd61aa
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 25D8 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9H8pdKzNbtXyytEh-iJuc3Ne8Q5kbQIPrhPC78cP0GNxkLFXTMBiKFqKPEgCGIWLmmMqCS8S0dtWQ9uAfGNlN63IowCPn9zTQTwkDA2dg4X6nbocS2xZLxGjCkjEsMFgMi5WCOhsbjGWKT6laBZ3-uimoNw&cry=1&dbm_d=AKAmf-Abnl7WbtLK--l4YwsWhHvSeDx38ve-jw21XX3mdTYA6WIQmNz_jCu3AwLf62B9A40fudHCjrqORmz9U95NHt4hcLbI9M-R2K3yh-lRam1zTsgEIQnT6RTeGsPa_4hJhQ9uUvc1PqmoSwWDEC3gL8utidDKt84deUszt8Uv4zSqdSEs-kNVqzDVNqe-3nq0v-LX-6vc3qznec_wzgk5TcsA31Fg2Ljgzupr3abv0U7qHFo8RJ-GB8buRxaPIC-6SXej_l2gjDnrA94aCXSIoV5oZhG1DcXgDYQ3rtaqzbbB-Z8SZIAswdqJohAd1XPssZQPYsYBpVbhJKHARGsXT0EZCKrFjcPmenVKAXEMKyEnvXqp8NTbgf7UftRFEGJqwNR9i1Xk1TtwfD_8YGM7rAQL43qu0t6VufgWBewisu0QyK-T4889hV_cWdHjvbulqdEFmjI-ggZvaG9HB5a1JswF1mEVa3EmImBMD09hzhho_IO7TSKMXRPPv8c6HLZSOJEDXRYmSLPIpU606_M0LJOuhdzzwc62Z03KgMM6DYAlKvtdWL41xumG1Gia9YZKNyt9ZOgJ7huWUTtCAfX5LSiBH1TieRO46mpQGot1XjFheSQQn3irZgUZgUIPF4ziZlrh5SAMkMyjpyr_E8e-bqJn027czyucG9fMr23CgUXMc_CtVDI1vzSyaC6uR2pZQ5pwGq-0XLX-yGRRS4hIuHDQllyzsA2j0qLD4IuHsg-0rJhqgsl5ehp-bw7K7QHfYyvS8gM08HH-79E7FrdGcpwBGER7YCNBQCNT8Udkl7opDWpqatq1eorxICODdPJX6ZZIhNmIymWeam4uWMx7leFt-6sMaaO0ndEhxqJ0hEV0m6baaCLsh5hpQ2r0_BVr9exWVNfum_6F3CGDDq4Q4xjQW90MEWwceAAh5C6QfdPdWuo25OYwAB4dWlELID7Vi7Ki3weMZlpmbxmxvJjSCSYrmNR8JuVWAtOAsinqheRSTQnQLiOlsc5ffXcLHlLU-IXUw6AxIXBtVvvmgeU-vMv4fGVlWPnp4Gjr-l1BmAkV2Pr2KpScfQUX5a2uJCoHkNbFehqsxdriImEPdSnqRJZ4P_vi9KXzeS7DWFbV7ykYGhioqq_T8bhV0a7HeExQzuPQM7rYANRPw3wAzqyPHRkxnOTklYiITYJhQYDgHL0rlWGZHd0uVAkL6ZeDDNjghiUpWjdT7RQbGsscdR3cseap82JZHHbMcRecYe-KE1htd6el3xkJW0IfTwQkTYvemj2dcUDAUXmLXAa5etzTfnRf97a0-ekPihodsO4ISvA2tR89C2IpBS0K9OURtj_VKOZ0_WVhHe7ajFgKHvFhuJUUthv4tWPCj7jzgyXAkLPqbH3Z_qUa0HTJNGK3m66AocQY0yggafxO8gUptfzIZAM4_6eVH5C9d896nPLB3xXdQZ8v999Wlft6omM1L3LKmRy1Kd9vGnKNlL50ldbNvM621KSG-YxbHl-yzpeFdkDJ6tkgvvw79irSdtfB7YzlVHx6EA6yOBbN2v36NF1hOy9erA1uewimEA8c8HMd4jcYsjGxXETCKh1cJbmDf0OkW2UndUzl_H6nOTDN3TzekPI5KeREXakYH7ydcp9WYztVPb3n2b10qdRSgmAR7lmCMaACKMfOo72Q62JzxEUUbKDMDQogB46eShXILtLezYbR7ahqWN2szk4SVlmHOvV6fDxu4SXqCEybBPAaHC_stI8Gpz2jQls2lUT6IW5cwZHSq-yj8vh2q6-mBTTDeT0Zcpy96odsED9OWn9a0oflYVLE1E0cyckmukNFDit3DPOlESBLXR0Juz6wvEa9Xo6pmQJ1fIUjZfsyzXXMbU2fzLOHMTKFS3Ns_nNZPlmXL5b01j8qCPMz_iYo4szgya-EfsgJMtt5GBkREYQaXBdRxgXvrE0cGbKTmIgn83ZX9XcZuxc0D-0fx35gD4sbxk7sxEu4hIydDbK_L6UM6HRTuPBTW21Lhdq_xYVRwKFzSOOjAp5ttNXRIOUa1SGwX0nLbAdFQiG89FJ0UVPLeRVq9P9cPXE_81EL8DwUdmGNZ8aF74FqWoQb3RH_Opeb_IxkJNnoXyNn0SaVC_ztgZ3REwlKIb9jSz2lzl7zu1jWjcRtVO8ntWTnpEhBVyMnH22n1nF-BIKhMb1T1Oqg1tUideWLcOkWt7hiljpvpP-mpxaSIktXBYwaKbV0uHiyvYB5kLnOL0_gFVLmT_nPh8daWXpns9GCcVSBTisToraexeByqB99F1hrGLHI2qSsC500KnUt4kBXwy1m6h_xOXud84NO8XgYi-i75IydAtPCKlKRGEYgO5viQtF_fhPb9at12LhjOrxaJvRF-O3J0DJLs3qPH9Zz-ZfozTtFb91qFyEFI2UJK1iRFVjTEK61NFo7JNb0mA_-3cCdNZeWpneZBGuu9vYv812ZDTe27GuvE2x1iKQDPRbOpIA0nQZqTRtWh3EmtFYAy9kuZ_f-t7UDeOQGYxkU26IVVe0bqWTxNwigA31cmyYnauUATni_UU3pnZCEERGPrXNIuTALiXAC9OTQJq-PqGsrIK5e-7OwHWchd23L_ur_L-Vp4Gm1tPuBF-aFDqoou1ixAO7VW0Lbx5zsJswoiuMYS7ntqBnexHOWu0eeoCpiEDmDjh_RMLErjGowRvckR7I0V7pJTylyBlFwnkpV_lHIL_4UDENy3G_DJeseNaCOazqmZNoVWu5wzFq02pM3dMhIyhcVMDd0X3XjbffGgkNS0J5x0w8ff4sWd9uYt-87HSMS4s_fTM83OG3Pi1fXOO1lZt1Wz4MxyKgKbp_WLEx8H6aK_BbyKUf1SfZlFfFQaiPZBtxVQNfQyt5xnFYXbjP5RlH0vAJBnjK-kW0EMBSZUkEtPELI6BTwYMnEeaTOIeKd-JD53pB2YVJ7VSG7bV0GZC5cMZGvyPf1YbuvRLFnBWs6Rxj83rE_kouzvaogOfWSMrz5cUZS5TpkEGicdvk6kL4nY6jW6-zrykfiS6NHt1MpU-14fMy90d2zaXBJK9gyvp5Y6oCvaouuu4bVSrakC-iQfqYmnC9Fz0N_rOwlE2qiwqDTo-JDXuxmRCtu7ZBA8k7pBA5W4ubqxBB_Jbg4GQIlPYBMkHU6Ci7NnvORdgF7e0KCCBALlLc3Z6-g-4iWWgO_SIgOhupxA3IY8F_xQFnIi1wYsxUBcFWKMqkAv91KGWbsoIJsmhD57pi5VrfmHSalVGqBg8dueXZSX4Xw6kjYJ9bjkPd0xGBu1yjNwwoXSG1moCnuErmrwQe595_U1qjubKPUOf4SvYgB5meGYrK-uWx7BggY96EAnUP1I8mgX_6Km14WMHN6d-uJRa5HjD947Jrh37-1rMav66rW6Jxvtehz_NVw2_JQS8h5A2NxEptJ48chtKo13Qs&cid=CAASJeRoK803eUsqf8hFjh2-DQlcMZxvRGXejiFcUxASyYVyI4gRe2Y&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:36:42 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 25D8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9H8pdKzNbtXyytEh-iJuc3Ne8Q5kbQIPrhPC78cP0GNxkLFXTMBiKFqKPEgCGIWLmmMqCS8S0dtWQ9uAfGNlN63IowCPn9zTQTwkDA2dg4X6nbocS2xZLxGjCkjEsMFgMi5WCOhsbjGWKT6laBZ3-uimoNw&cry=1&dbm_d=AKAmf-Abnl7WbtLK--l4YwsWhHvSeDx38ve-jw21XX3mdTYA6WIQmNz_jCu3AwLf62B9A40fudHCjrqORmz9U95NHt4hcLbI9M-R2K3yh-lRam1zTsgEIQnT6RTeGsPa_4hJhQ9uUvc1PqmoSwWDEC3gL8utidDKt84deUszt8Uv4zSqdSEs-kNVqzDVNqe-3nq0v-LX-6vc3qznec_wzgk5TcsA31Fg2Ljgzupr3abv0U7qHFo8RJ-GB8buRxaPIC-6SXej_l2gjDnrA94aCXSIoV5oZhG1DcXgDYQ3rtaqzbbB-Z8SZIAswdqJohAd1XPssZQPYsYBpVbhJKHARGsXT0EZCKrFjcPmenVKAXEMKyEnvXqp8NTbgf7UftRFEGJqwNR9i1Xk1TtwfD_8YGM7rAQL43qu0t6VufgWBewisu0QyK-T4889hV_cWdHjvbulqdEFmjI-ggZvaG9HB5a1JswF1mEVa3EmImBMD09hzhho_IO7TSKMXRPPv8c6HLZSOJEDXRYmSLPIpU606_M0LJOuhdzzwc62Z03KgMM6DYAlKvtdWL41xumG1Gia9YZKNyt9ZOgJ7huWUTtCAfX5LSiBH1TieRO46mpQGot1XjFheSQQn3irZgUZgUIPF4ziZlrh5SAMkMyjpyr_E8e-bqJn027czyucG9fMr23CgUXMc_CtVDI1vzSyaC6uR2pZQ5pwGq-0XLX-yGRRS4hIuHDQllyzsA2j0qLD4IuHsg-0rJhqgsl5ehp-bw7K7QHfYyvS8gM08HH-79E7FrdGcpwBGER7YCNBQCNT8Udkl7opDWpqatq1eorxICODdPJX6ZZIhNmIymWeam4uWMx7leFt-6sMaaO0ndEhxqJ0hEV0m6baaCLsh5hpQ2r0_BVr9exWVNfum_6F3CGDDq4Q4xjQW90MEWwceAAh5C6QfdPdWuo25OYwAB4dWlELID7Vi7Ki3weMZlpmbxmxvJjSCSYrmNR8JuVWAtOAsinqheRSTQnQLiOlsc5ffXcLHlLU-IXUw6AxIXBtVvvmgeU-vMv4fGVlWPnp4Gjr-l1BmAkV2Pr2KpScfQUX5a2uJCoHkNbFehqsxdriImEPdSnqRJZ4P_vi9KXzeS7DWFbV7ykYGhioqq_T8bhV0a7HeExQzuPQM7rYANRPw3wAzqyPHRkxnOTklYiITYJhQYDgHL0rlWGZHd0uVAkL6ZeDDNjghiUpWjdT7RQbGsscdR3cseap82JZHHbMcRecYe-KE1htd6el3xkJW0IfTwQkTYvemj2dcUDAUXmLXAa5etzTfnRf97a0-ekPihodsO4ISvA2tR89C2IpBS0K9OURtj_VKOZ0_WVhHe7ajFgKHvFhuJUUthv4tWPCj7jzgyXAkLPqbH3Z_qUa0HTJNGK3m66AocQY0yggafxO8gUptfzIZAM4_6eVH5C9d896nPLB3xXdQZ8v999Wlft6omM1L3LKmRy1Kd9vGnKNlL50ldbNvM621KSG-YxbHl-yzpeFdkDJ6tkgvvw79irSdtfB7YzlVHx6EA6yOBbN2v36NF1hOy9erA1uewimEA8c8HMd4jcYsjGxXETCKh1cJbmDf0OkW2UndUzl_H6nOTDN3TzekPI5KeREXakYH7ydcp9WYztVPb3n2b10qdRSgmAR7lmCMaACKMfOo72Q62JzxEUUbKDMDQogB46eShXILtLezYbR7ahqWN2szk4SVlmHOvV6fDxu4SXqCEybBPAaHC_stI8Gpz2jQls2lUT6IW5cwZHSq-yj8vh2q6-mBTTDeT0Zcpy96odsED9OWn9a0oflYVLE1E0cyckmukNFDit3DPOlESBLXR0Juz6wvEa9Xo6pmQJ1fIUjZfsyzXXMbU2fzLOHMTKFS3Ns_nNZPlmXL5b01j8qCPMz_iYo4szgya-EfsgJMtt5GBkREYQaXBdRxgXvrE0cGbKTmIgn83ZX9XcZuxc0D-0fx35gD4sbxk7sxEu4hIydDbK_L6UM6HRTuPBTW21Lhdq_xYVRwKFzSOOjAp5ttNXRIOUa1SGwX0nLbAdFQiG89FJ0UVPLeRVq9P9cPXE_81EL8DwUdmGNZ8aF74FqWoQb3RH_Opeb_IxkJNnoXyNn0SaVC_ztgZ3REwlKIb9jSz2lzl7zu1jWjcRtVO8ntWTnpEhBVyMnH22n1nF-BIKhMb1T1Oqg1tUideWLcOkWt7hiljpvpP-mpxaSIktXBYwaKbV0uHiyvYB5kLnOL0_gFVLmT_nPh8daWXpns9GCcVSBTisToraexeByqB99F1hrGLHI2qSsC500KnUt4kBXwy1m6h_xOXud84NO8XgYi-i75IydAtPCKlKRGEYgO5viQtF_fhPb9at12LhjOrxaJvRF-O3J0DJLs3qPH9Zz-ZfozTtFb91qFyEFI2UJK1iRFVjTEK61NFo7JNb0mA_-3cCdNZeWpneZBGuu9vYv812ZDTe27GuvE2x1iKQDPRbOpIA0nQZqTRtWh3EmtFYAy9kuZ_f-t7UDeOQGYxkU26IVVe0bqWTxNwigA31cmyYnauUATni_UU3pnZCEERGPrXNIuTALiXAC9OTQJq-PqGsrIK5e-7OwHWchd23L_ur_L-Vp4Gm1tPuBF-aFDqoou1ixAO7VW0Lbx5zsJswoiuMYS7ntqBnexHOWu0eeoCpiEDmDjh_RMLErjGowRvckR7I0V7pJTylyBlFwnkpV_lHIL_4UDENy3G_DJeseNaCOazqmZNoVWu5wzFq02pM3dMhIyhcVMDd0X3XjbffGgkNS0J5x0w8ff4sWd9uYt-87HSMS4s_fTM83OG3Pi1fXOO1lZt1Wz4MxyKgKbp_WLEx8H6aK_BbyKUf1SfZlFfFQaiPZBtxVQNfQyt5xnFYXbjP5RlH0vAJBnjK-kW0EMBSZUkEtPELI6BTwYMnEeaTOIeKd-JD53pB2YVJ7VSG7bV0GZC5cMZGvyPf1YbuvRLFnBWs6Rxj83rE_kouzvaogOfWSMrz5cUZS5TpkEGicdvk6kL4nY6jW6-zrykfiS6NHt1MpU-14fMy90d2zaXBJK9gyvp5Y6oCvaouuu4bVSrakC-iQfqYmnC9Fz0N_rOwlE2qiwqDTo-JDXuxmRCtu7ZBA8k7pBA5W4ubqxBB_Jbg4GQIlPYBMkHU6Ci7NnvORdgF7e0KCCBALlLc3Z6-g-4iWWgO_SIgOhupxA3IY8F_xQFnIi1wYsxUBcFWKMqkAv91KGWbsoIJsmhD57pi5VrfmHSalVGqBg8dueXZSX4Xw6kjYJ9bjkPd0xGBu1yjNwwoXSG1moCnuErmrwQe595_U1qjubKPUOf4SvYgB5meGYrK-uWx7BggY96EAnUP1I8mgX_6Km14WMHN6d-uJRa5HjD947Jrh37-1rMav66rW6Jxvtehz_NVw2_JQS8h5A2NxEptJ48chtKo13Qs&cid=CAASJeRoK803eUsqf8hFjh2-DQlcMZxvRGXejiFcUxASyYVyI4gRe2Y&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 12:32:58 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6704 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Origin
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 15:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Sep 2022 15:22:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 6704 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVcbWZvEm3jqUyaPRjZfoVp3Q2AebAatZsYJBGqMbKRvJvUMWyi2RTRWGWhpovA1nRw_YOJZupXzc8_1F7XulPBOm0Fw&cry=1&dbm_d=AKAmf-BhrfeT_G97DpO9e89CNgQilxXJrCnkmR9f2rYiSDgJF35qXd1JTv0MUcHxHInBuUdX4hv_x25HJwOvgs6jTqmQZk90E9mR2IT756LhAeRcuhDGTs60sCKaUKyzYM1aQVMYR6iQivzhIh7SoQtXDIBxSRESRrjqPks1wwsoGcoylBjTrFDBuyobhrr1HO9vVFFkf-dWXELcTmpPoYvcClTiZXSxj9F-byBQnTIITMrg6KfuykZP2-Ep75eAMbSWug6cUG4Kv0Fbu2pr5SkT15f05MSl12zeG3Ew6D7zkyZn0u0fbumtxc6LQfJ8xoEaitHLIb8E7lBJT-U_0r85xUs7E3fkwhIQezqU2c6VefisR8fkMhMLlf63cVVw_lHUYlYOf5ffEzo8mJQslz7pk9xxZm5JcalV-kZHpM8gcCapGuGyzJA8bUlVq7seJSgmmEud2BBJ0uBArcT7t10t8wXfMURzXBUJpR609r-bZ_HXSpgtgRh5Msk1tDD-TDXWGND-5fX2tB6gH1Fn_KBWB0R58f-0kv9ad-MwMIQz02FLECdaY7HAKkUBH3CqncFjmPYB1JtJ3GNLYWNppKCKoohLlp0QztNydnVE6aPi2MM2GgilK9wWxvMMw9IPCr07tEcXQbYt3U-7_NfqFze5vrUUER9igZMKeun90ynkdtMYlFWzA4NB_2Zr_BzGFRHh2zk-2cisOm5Ia8BwX5Tq7NOxFsTNWk6SrXs4DyZ3lL5iDoiUHrKZVnEqb-ytzUGLlXZahrb1K1IPcEYSlZ4TnDSiXfwYdJ7igK6ebRy97PQatJUVm6_AIUzC1JM-Z2FthmRKB47eEQSaEnGxJ-0py4tAGotvmxpNw0yp4jT_zaSmnHoyIAWUJCemQ1FdWb0M4WtvdRTxh3oXuVDJ4TB65tpOlOn-WulnQrb8RHwFctLD8Wjj_0wMUEcwKoaOlAID636fHRfcadXctLdiLNmwoFe77zDUWmlBgLo6HkrvzLIIIr6veZQr_ST_LKu0iH0FGakBPZbNyxob_VlJ5XPsk7XUVx_wUP4XKiF_dobzuHG6EheR_ADoan5qZKND0u-n2KZ-PykDMB5LBLNUaHNjG5vk2Q-awI3AJhcS9Qiq1qUZDmu4ldBjWRtFZJpvd8qSCaaOMf3cDyPwBzTH6KkjbWbCAxwB5nml7eeKWDUensYy-4maxKOkNt7xs8QPKzZB31xzngQaG-c2i_LtfFTM2JDXDLiQvOJx-LrrSdNhAof-1K60hhH8Y-eeTGAazajwBlIRZtXgJieU00DxVW9UH_SHHgu0mElgpJGf_Pkz3BW4GSCQQwbDAteLFAqhuYPRjM-fkC4uv9N6UczaemdBSy1Byf2o_pmrP1Gsu_bjFXN4V6quANvUAsRkCR5x3mMr4UFV2cpDicTVnknIStA_cVYtpF4ailBuZVvF_Evb4PY-TIsdZaFnSlH6DMRRzgsKbNqY5ScgjM1SfN5N2DmXE5XK0RK6r7SMPxphM2rbZzvlwTNX6tdAqxv33xwrXADPEbyct9rCWGGefz_uMjesDm4mS-1w-idoYEE7_Xj4_HDchisXpQzJVkezFWwt2F7H-nvsFBSOLE5NtmokSoCBXUAOtijGxh4kRObyHatwUZ6gVxt5EuAX-cOQBUsfvJ8TCqnl-UU6xTWVK5I0-qSKdMoIbUUsAx25KqeK1Si4XigCyzWUiR_yc8TO-8TIMo0zU804PB407aMqHBuq32kL0QoJMb7X9fgKH8ptc-efnspmUPuYpOnI0WN3GuWz8_Gj9Iejhi6r3BuIDZHUXB_0j_P-LSo4wT3lS7wV4EG1gD7gQxbl2elV920uJbY0avK-hBEE1ASH98zLpr_D5wWCRe-FmIipH9xIMCYdrkHheMC7sG0pLn5pvvB8ZCWSKY0bKaH4-o6SOMRNix1Xgb-_-wOvsJ2341wnI9vVOmobwXFtStTaSTDXYnUf5k3vXovWZIz9vTyePXxWqqA6TD3b2lP3fx8UdIiDwGaOjIg_Qejpa3d0JoLHIae_bCDMZMNMWE2uPj9glP5CakH4aZFk_mk-2qj5XWFz4B_pZQW4b-q9GsFjjAx3YrCnqlsyVz0Q6AzZOHXNPwd-hDGTFlOAt0nNO4cbej448zJChjhsxXHtFNAT7058wEzQaZ-fKDZiNFRIAF2JTMGmvacZFEVMzcemcbRR0OUbD71kURJOW7jBlfbuMrtFeMclNIqXpHaXpvmO9uGvokY3t12N7CdxvRXzjhKBupsOEfiIBG1U5mKGQh_jWE4hUP7FRjc5XEiXCtWlq3TN-eb33a9tfnnaZ7ROPZcOMTjArFLJ9UDHxJOtGYi_Vv0qknkAntjcLUXGvcZY58sHsTTsO3rLtfKUeqzyDatF6dpsHndNjQDsprWYtgjAn9dUqScbgCj4EzJCAovI7eCtfbNZj5R1IpxYbSMdSrYTQCJUll2KrWDKfDvhlL7cjnVRq1Kya5GU_EC2m2AfT5EjNqwhvwLoRXfykSMmUhlP8xQFQv-VVGiGz0u8eUOVHsWioft82ZyzCqvHVj1R8vQ_Q-LFd7S5iRE4oZCLiEEWCj5rzfqGQ0PIqnLh7qi6ZUDyfSPmLEQfbimd9_-5SPHGcplUlg7AlJj8PaB4bZJ9RsyYaXcSteKT62d7ghUEyTCP-dmR7Km8DK0yK_yw4s5JrRBFr3_T6TJbHQZW2QYqgPuGw7vPNv68zDaaJK-w85PIoE93nAUiu87ZvTz3rP_6NQxfsFISQJAiOR5dUcIKynO84uNAhYJa265gFBxrE0d7DJOgp74JsOWxkyFjziCqZ44xSVnflK2UIRnAu7lion4w0QM3415oN-flV0YwlYlVk9sA45XnAY1QxXgWvYZdfrfQ-r4obQ6bD07jai0uicQfIV89zCg2b23jYJzoqIy6kwxXkMgHjzWOwLr-y927Eybeza-t2vFEOlah8-jOcJJGUQkFoxY9dS0i4gSG5JTC3V1d47kbrQGbWCjIGj7ObD7s9ChNTqLKeUqBNYiptkAMc4IWIOtJIptOZnXfbyJCzKDMz_AO0QSkShLGzPFOyEZimTjoBUzbxxMdnwdMV2m8DpWSATjL501rhyc9eNXch7rXSMhY4QY4rR1pAy0KRls3Bsly3q9CtHtSESTy_tcYX0BNkTwYTtyx4nzVkhAZOispT-OX5fi4L6lPxQvcZEBoBXNd3YGjjQSnei6PWypgJ232r0mahQoIp8vkQUh9UCsU4i3tBU6g-B3lbaVqDG4cIsIknLpPtUQLuHevqV1-NOfrcCIeg1GknAoNa5V-SQBEX79pmB83QsNc46jmcjNXwVgNM87QATyCwOi78Q&cid=CAQSOwCsnQUxu2NAjaEoylVtnrJRxDSzGXGT9SCE9FDKilrk8AZ24zKxNoRs1YFisgFitOy2aezu1OLj9mSvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:34:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 6704 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVcbWZvEm3jqUyaPRjZfoVp3Q2AebAatZsYJBGqMbKRvJvUMWyi2RTRWGWhpovA1nRw_YOJZupXzc8_1F7XulPBOm0Fw&cry=1&dbm_d=AKAmf-BhrfeT_G97DpO9e89CNgQilxXJrCnkmR9f2rYiSDgJF35qXd1JTv0MUcHxHInBuUdX4hv_x25HJwOvgs6jTqmQZk90E9mR2IT756LhAeRcuhDGTs60sCKaUKyzYM1aQVMYR6iQivzhIh7SoQtXDIBxSRESRrjqPks1wwsoGcoylBjTrFDBuyobhrr1HO9vVFFkf-dWXELcTmpPoYvcClTiZXSxj9F-byBQnTIITMrg6KfuykZP2-Ep75eAMbSWug6cUG4Kv0Fbu2pr5SkT15f05MSl12zeG3Ew6D7zkyZn0u0fbumtxc6LQfJ8xoEaitHLIb8E7lBJT-U_0r85xUs7E3fkwhIQezqU2c6VefisR8fkMhMLlf63cVVw_lHUYlYOf5ffEzo8mJQslz7pk9xxZm5JcalV-kZHpM8gcCapGuGyzJA8bUlVq7seJSgmmEud2BBJ0uBArcT7t10t8wXfMURzXBUJpR609r-bZ_HXSpgtgRh5Msk1tDD-TDXWGND-5fX2tB6gH1Fn_KBWB0R58f-0kv9ad-MwMIQz02FLECdaY7HAKkUBH3CqncFjmPYB1JtJ3GNLYWNppKCKoohLlp0QztNydnVE6aPi2MM2GgilK9wWxvMMw9IPCr07tEcXQbYt3U-7_NfqFze5vrUUER9igZMKeun90ynkdtMYlFWzA4NB_2Zr_BzGFRHh2zk-2cisOm5Ia8BwX5Tq7NOxFsTNWk6SrXs4DyZ3lL5iDoiUHrKZVnEqb-ytzUGLlXZahrb1K1IPcEYSlZ4TnDSiXfwYdJ7igK6ebRy97PQatJUVm6_AIUzC1JM-Z2FthmRKB47eEQSaEnGxJ-0py4tAGotvmxpNw0yp4jT_zaSmnHoyIAWUJCemQ1FdWb0M4WtvdRTxh3oXuVDJ4TB65tpOlOn-WulnQrb8RHwFctLD8Wjj_0wMUEcwKoaOlAID636fHRfcadXctLdiLNmwoFe77zDUWmlBgLo6HkrvzLIIIr6veZQr_ST_LKu0iH0FGakBPZbNyxob_VlJ5XPsk7XUVx_wUP4XKiF_dobzuHG6EheR_ADoan5qZKND0u-n2KZ-PykDMB5LBLNUaHNjG5vk2Q-awI3AJhcS9Qiq1qUZDmu4ldBjWRtFZJpvd8qSCaaOMf3cDyPwBzTH6KkjbWbCAxwB5nml7eeKWDUensYy-4maxKOkNt7xs8QPKzZB31xzngQaG-c2i_LtfFTM2JDXDLiQvOJx-LrrSdNhAof-1K60hhH8Y-eeTGAazajwBlIRZtXgJieU00DxVW9UH_SHHgu0mElgpJGf_Pkz3BW4GSCQQwbDAteLFAqhuYPRjM-fkC4uv9N6UczaemdBSy1Byf2o_pmrP1Gsu_bjFXN4V6quANvUAsRkCR5x3mMr4UFV2cpDicTVnknIStA_cVYtpF4ailBuZVvF_Evb4PY-TIsdZaFnSlH6DMRRzgsKbNqY5ScgjM1SfN5N2DmXE5XK0RK6r7SMPxphM2rbZzvlwTNX6tdAqxv33xwrXADPEbyct9rCWGGefz_uMjesDm4mS-1w-idoYEE7_Xj4_HDchisXpQzJVkezFWwt2F7H-nvsFBSOLE5NtmokSoCBXUAOtijGxh4kRObyHatwUZ6gVxt5EuAX-cOQBUsfvJ8TCqnl-UU6xTWVK5I0-qSKdMoIbUUsAx25KqeK1Si4XigCyzWUiR_yc8TO-8TIMo0zU804PB407aMqHBuq32kL0QoJMb7X9fgKH8ptc-efnspmUPuYpOnI0WN3GuWz8_Gj9Iejhi6r3BuIDZHUXB_0j_P-LSo4wT3lS7wV4EG1gD7gQxbl2elV920uJbY0avK-hBEE1ASH98zLpr_D5wWCRe-FmIipH9xIMCYdrkHheMC7sG0pLn5pvvB8ZCWSKY0bKaH4-o6SOMRNix1Xgb-_-wOvsJ2341wnI9vVOmobwXFtStTaSTDXYnUf5k3vXovWZIz9vTyePXxWqqA6TD3b2lP3fx8UdIiDwGaOjIg_Qejpa3d0JoLHIae_bCDMZMNMWE2uPj9glP5CakH4aZFk_mk-2qj5XWFz4B_pZQW4b-q9GsFjjAx3YrCnqlsyVz0Q6AzZOHXNPwd-hDGTFlOAt0nNO4cbej448zJChjhsxXHtFNAT7058wEzQaZ-fKDZiNFRIAF2JTMGmvacZFEVMzcemcbRR0OUbD71kURJOW7jBlfbuMrtFeMclNIqXpHaXpvmO9uGvokY3t12N7CdxvRXzjhKBupsOEfiIBG1U5mKGQh_jWE4hUP7FRjc5XEiXCtWlq3TN-eb33a9tfnnaZ7ROPZcOMTjArFLJ9UDHxJOtGYi_Vv0qknkAntjcLUXGvcZY58sHsTTsO3rLtfKUeqzyDatF6dpsHndNjQDsprWYtgjAn9dUqScbgCj4EzJCAovI7eCtfbNZj5R1IpxYbSMdSrYTQCJUll2KrWDKfDvhlL7cjnVRq1Kya5GU_EC2m2AfT5EjNqwhvwLoRXfykSMmUhlP8xQFQv-VVGiGz0u8eUOVHsWioft82ZyzCqvHVj1R8vQ_Q-LFd7S5iRE4oZCLiEEWCj5rzfqGQ0PIqnLh7qi6ZUDyfSPmLEQfbimd9_-5SPHGcplUlg7AlJj8PaB4bZJ9RsyYaXcSteKT62d7ghUEyTCP-dmR7Km8DK0yK_yw4s5JrRBFr3_T6TJbHQZW2QYqgPuGw7vPNv68zDaaJK-w85PIoE93nAUiu87ZvTz3rP_6NQxfsFISQJAiOR5dUcIKynO84uNAhYJa265gFBxrE0d7DJOgp74JsOWxkyFjziCqZ44xSVnflK2UIRnAu7lion4w0QM3415oN-flV0YwlYlVk9sA45XnAY1QxXgWvYZdfrfQ-r4obQ6bD07jai0uicQfIV89zCg2b23jYJzoqIy6kwxXkMgHjzWOwLr-y927Eybeza-t2vFEOlah8-jOcJJGUQkFoxY9dS0i4gSG5JTC3V1d47kbrQGbWCjIGj7ObD7s9ChNTqLKeUqBNYiptkAMc4IWIOtJIptOZnXfbyJCzKDMz_AO0QSkShLGzPFOyEZimTjoBUzbxxMdnwdMV2m8DpWSATjL501rhyc9eNXch7rXSMhY4QY4rR1pAy0KRls3Bsly3q9CtHtSESTy_tcYX0BNkTwYTtyx4nzVkhAZOispT-OX5fi4L6lPxQvcZEBoBXNd3YGjjQSnei6PWypgJ232r0mahQoIp8vkQUh9UCsU4i3tBU6g-B3lbaVqDG4cIsIknLpPtUQLuHevqV1-NOfrcCIeg1GknAoNa5V-SQBEX79pmB83QsNc46jmcjNXwVgNM87QATyCwOi78Q&cid=CAQSOwCsnQUxu2NAjaEoylVtnrJRxDSzGXGT9SCE9FDKilrk8AZ24zKxNoRs1YFisgFitOy2aezu1OLj9mSvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:36:42 GMT
pixel
cm.g.doubleclick.net/ Frame 0CED
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJc5PeGVuIViLx-rfl536tk&google_cver=1&google_push=AZmPxg_P8ansv3-nvZl658LCoNiBRuYgttZvrBiuvImKLR3IrAXRy4az0TBZ6_QjHVUSWEmcdYvtKemkjWgP69pb...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_P8ansv3-nvZl658LCoNiBRuYgttZvrBiuvImKLR3IrAXRy4az0TBZ6_QjHVUSWEmcdYvtKemkjWgP69pbTiNT3uKzGd0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_P8ansv3-nvZl658LCoNiBRuYgttZvrBiuvImKLR3IrAXRy4az0TBZ6_QjHVUSWEmcdYvtKemkjWgP69pbTiNT3uKzGd0
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 20 Sep 2022 12:37:32 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_P8ansv3-nvZl658LCoNiBRuYgttZvrBiuvImKLR3IrAXRy4az0TBZ6_QjHVUSWEmcdYvtKemkjWgP69pbTiNT3uKzGd0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Sep 2022 12:37:31 GMT
dds
rtb.openx.net/sync/ Frame 0CED 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGQp1giWtf7kC3pxuompMQs&google_cver=1&google_push=AZmPxg8Fcfxq5r4nalaOlxi8_0pCcxmKoULUh9bRgBNvR2BTRUcgn6JUPrxDBWQggp0Q0c7uPChmrZV7uGzOPjhvjxUk2p26w6oq
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
h88ffmbmq1ana7shk3kn6devu4ir2k3j
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0CED 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA3kTpmffn7AHHM7ImkkPrc&google_cver=1&google_push=AZmPxg9Dhis17ebH5hM_JN6QpMgglvdQnG0m9jzxxyMd3KwRRPD4X62qD5KH4bzau2UKqi9Z2VmInM9KJ8tUNK4-1BWBZS6uNg4
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0CED
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAmRiGayyJKX33m8w0_N6Kk&google_cver=1&google_push=AZmPxg9EJu5kh06wPKUh-vO_uNpRa9UzsOOJIq2FsfUkLuxN9m80xrcHTlnwPs8iNUSKLWr8WvTHMs0gXaFRWZcf...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9EJu5kh06wPKUh-vO_uNpRa9UzsOOJIq2FsfUkLuxN9m80xrcHTlnwPs8iNUSKLWr8WvTHMs0gXaFRWZcf2E_jL5X7cn0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9EJu5kh06wPKUh-vO_uNpRa9UzsOOJIq2FsfUkLuxN9m80xrcHTlnwPs8iNUSKLWr8WvTHMs0gXaFRWZcf2E_jL5X7cn0
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Sep 2022 12:37:32 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9EJu5kh06wPKUh-vO_uNpRa9UzsOOJIq2FsfUkLuxN9m80xrcHTlnwPs8iNUSKLWr8WvTHMs0gXaFRWZcf2E_jL5X7cn0
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
11ZgqpSpHb6pEP6_EO5Bf1DV9fPObpEW2LNYQKxp1ANjYzoQftPgfg==
pixel
cm.g.doubleclick.net/ Frame 0CED
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO54ey0oMTWf8tUEtf3890s&google_cver=1&google_push=AZmPxg9JTU8TFCk1IQp8scn1P1LSAwLpwpsFQ1-tppxepokSYO51sCcfZ_R1u097KDgBnaswcDdpvP91_n2lt-NZEEG4TeP1KR2N
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9JTU8TFCk1IQp8scn1P1LSAwLpwpsFQ1-tppxepokSYO51sCcfZ_R1u097KDgBnaswcDdpvP91_n2lt-NZEEG4TeP1KR2...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg9JTU8TFCk1IQp8scn1P1LSAwLpwpsFQ1-tppxepokSYO51sCcf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg9JTU8TFCk1IQp8scn1P1LSAwLpwpsFQ1-tppxepokSYO51sCcfZ_R1u097KDgBnaswcDdpvP91_n2lt-NZEEG4TeP1KR2N
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg9JTU8TFCk1IQp8scn1P1LSAwLpwpsFQ1-tppxepokSYO51sCcfZ_R1u097KDgBnaswcDdpvP91_n2lt-NZEEG4TeP1KR2N
date
Tue, 20 Sep 2022 12:37:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 0CED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHkMmGhi3y0vvriLk8HuJC4&google_cver=1&google_push=AZmPxg8CNQnRO3THGFoV6xBeF40iNm0YhTZORudD0tEOmPLsuDG0N6KreuEzkQvO5a7auYNm-_...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHkMmGhi3y0vvriLk8HuJC4&google_cver=1&google_push=AZmPxg8CNQnRO3THGFoV6xBeF40iNm0YhTZORudD0tEOmPLsuDG0N6KreuEzkQvO5a7auYNm-_...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RMG0uQmV4RTJ1RU5Pb09odTQ2czZ3RmdwemRwcHZTcn5B&google_push=AZmPxg8CNQnRO3THGFoV6xBeF40iNm0YhTZORudD0tEOmPLsuDG0N6Kre...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RMG0uQmV4RTJ1RU5Pb09odTQ2czZ3RmdwemRwcHZTcn5B&google_push=AZmPxg8CNQnRO3THGFoV6xBeF40iNm0YhTZORudD0tEOmPLsuDG0N6KreuEzkQvO5a7auYNm-_WVgHOcD3SZQ4DDVnFX2zV9hDt7
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RMG0uQmV4RTJ1RU5Pb09odTQ2czZ3RmdwemRwcHZTcn5B&google_push=AZmPxg8CNQnRO3THGFoV6xBeF40iNm0YhTZORudD0tEOmPLsuDG0N6KreuEzkQvO5a7auYNm-_WVgHOcD3SZQ4DDVnFX2zV9hDt7
date
Tue, 20 Sep 2022 12:37:32 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 0CED
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDRFTULq7x__XsgPARv98J0&google_cver=1&google_push=AZmPxg-zXCtIu0Ox_...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D&google_gid=CAESEDRFTULq7x__XsgPARv98J0&google_cver=1&google_push=AZmPxg-zXCtIu0Ox_tjspqedsYuTJsXHWQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D&google_gid=CAESEDRFTULq7x__XsgPARv98J0&google_cver=1&google_push=AZmPxg-zXCtIu0Ox_tjspqedsYuTJsXHWQ0KvHByor2m0sbhu7gFzZGs5yCY8wXAaqa7UG7fH_kOJWpOH8Yf65hTZKgQid3TFo3BsQ
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:32 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
040702f1-be01-4b13-bf36-7d733149a6f1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTk3MjE5MDY3ODUzNjM4NzU0Mw%3D%3D&google_gid=CAESEDRFTULq7x__XsgPARv98J0&google_cver=1&google_push=AZmPxg-zXCtIu0Ox_tjspqedsYuTJsXHWQ0KvHByor2m0sbhu7gFzZGs5yCY8wXAaqa7UG7fH_kOJWpOH8Yf65hTZKgQid3TFo3BsQ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0CED 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lx5zgnXzvgXzwbsCcChwNmWeFLpD-O47reN_bO7HSDbZLsrnWnXKO_tBlMyJ-9pI6LcRHNLCc
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame 46E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2EzxP-Zyn6PK6gljSGg6M&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2EzxP-Zyn6PK6gljSGg6M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhju05HSATAB&v=APEucNUw9rRDgGwDKflMM5DBMvoPv3iCPTBFOhO0dFGEA7X9iHzXH__Q3BshQSc48HVvLFyLqbwlMnpx3HFK3-Nt7FolUgHps_b3EEshfCNt_opqZCPbxxgt6QitmtsZEoqI5D0h2nWRVJmjOXr4K2poAYVr3lVxQiN_EDKmCWxjVYwL2a7bGxw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2EzxP-Zyn6PK6gljSGg6M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 46E3 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhju05HSATAB&v=APEucNUw9rRDgGwDKflMM5DBMvoPv3iCPTBFOhO0dFGEA7X9iHzXH__Q3BshQSc48HVvLFyLqbwlMnpx3HFK3-Nt7FolUgHps_b3EEshfCNt_opqZCPbxxgt6QitmtsZEoqI5D0h2nWRVJmjOXr4K2poAYVr3lVxQiN_EDKmCWxjVYwL2a7bGxw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 46E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESENtRhsT-s-FzwssLg6P4EJo&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESENtRhsT-s-FzwssLg6P4EJo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhju05HSATAB&v=APEucNUw9rRDgGwDKflMM5DBMvoPv3iCPTBFOhO0dFGEA7X9iHzXH__Q3BshQSc48HVvLFyLqbwlMnpx3HFK3-Nt7FolUgHps_b3EEshfCNt_opqZCPbxxgt6QitmtsZEoqI5D0h2nWRVJmjOXr4K2poAYVr3lVxQiN_EDKmCWxjVYwL2a7bGxw
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 20 Sep 2022 12:37:32 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESENtRhsT-s-FzwssLg6P4EJo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 46E3 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhju05HSATAB&v=APEucNUw9rRDgGwDKflMM5DBMvoPv3iCPTBFOhO0dFGEA7X9iHzXH__Q3BshQSc48HVvLFyLqbwlMnpx3HFK3-Nt7FolUgHps_b3EEshfCNt_opqZCPbxxgt6QitmtsZEoqI5D0h2nWRVJmjOXr4K2poAYVr3lVxQiN_EDKmCWxjVYwL2a7bGxw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 20 Sep 2022 12:37:32 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif
truncated
/ Frame 4DA8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e515b026175f87f4426ff6e4eeedcdcf5288ac728c6a75383fc10e4f764e44f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D1A0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b0956affa6c10c727a432f4c582ad61c5660da4f779e84c7aa1b2fb6ddd1e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 70EE 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEPoTItgCUZMPt6Ye6qoPr0M&google_cver=1&google_push=AZmPxg-RSf4WX8UD5R5Ga-03Gw332-kpxKFH2uWtVcjUzovN5Xh_lvjYeAga4xunaqWlX5EOIpb8C5r2gaH3P92F1EMYmnAc86oC
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 70EE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhH6-6W_lGjG0vdCcyoyms&google_cver=1&google_push=AZmPxg_TaYPZObzWWwb9sVQr7jkcaQNwIyNRiaow_FVsdBU9II58hbFeHAPetdcAyKBuHRCG3L3ej2jKB_nV5zMplABVBa-...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_TaYPZObzWWwb9sVQr7jkcaQNwIyNRiaow_FVsdBU9II58hbFeHAPetdcAyKBuHRCG3L3ej2jKB_nV5zMplABVBa-2iZsv&google_hm=MzU0MDI2MTczMTMzOTM3OT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_TaYPZObzWWwb9sVQr7jkcaQNwIyNRiaow_FVsdBU9II58hbFeHAPetdcAyKBuHRCG3L3ej2jKB_nV5zMplABVBa-2iZsv&google_hm=MzU0MDI2MTczMTMzOTM3OTQ0Nw%3D%3D
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Sep 2022 12:37:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_TaYPZObzWWwb9sVQr7jkcaQNwIyNRiaow_FVsdBU9II58hbFeHAPetdcAyKBuHRCG3L3ej2jKB_nV5zMplABVBa-2iZsv&google_hm=MzU0MDI2MTczMTMzOTM3OTQ0Nw%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 70EE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBIfaVhLsLL7i8RrMPTvidQ&google_cver=1&google_push=AZmPxg_S92nCMXe-IV8DYlWJ7dgqq_9b9XUPM5vzw2oN1SMSO23i6PEvOTktdixmEg1FVyIFqPBVJWo8...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBIfaVhLsLL7i8RrMPTvidQ&google_cver=1&google_push=AZmPxg_S92nCMXe-IV8DYlWJ7dgqq_9b9XUPM5vzw2oN1SMSO23i6PEvOTktdixmEg1FVyIFqPB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg_S92nCMXe-IV8DYlWJ7dgqq_9b9XUPM5vzw2oN1SMSO23i6PEvOTktdixmEg1FVyIFqPBVJW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg_S92nCMXe-IV8DYlWJ7dgqq_9b9XUPM5vzw2oN1SMSO23i6PEvOTktdixmEg1FVyIFqPBVJWo891T8n9RxceGTzGV5VuA
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg_S92nCMXe-IV8DYlWJ7dgqq_9b9XUPM5vzw2oN1SMSO23i6PEvOTktdixmEg1FVyIFqPBVJWo891T8n9RxceGTzGV5VuA
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 70EE
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEDi5KyLwftRbBHOHFb2FQ0&google_cver=1&google_push=AZmPxg_x3o5JWD049YMLoEektTKfTmWUn2Ucm-WkoXYkIQCU5Xp5nBcLsC7CrKZVw-o9xD2N6NEyz2_8Fkp6n2kRJudd604...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEDi5KyLwftRbBHOHFb2FQ0&google_cver=1&google_push=AZmPxg_x3o5JWD049YMLoEektTKfTmWUn2Ucm-WkoXYkIQCU5Xp5nBcLsC7CrKZVw-o9xD2N6NEyz2_8Fkp6n2kRJudd6...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_x3o5JWD049YMLoEektTKfTmWUn2Ucm-WkoXYkIQCU5Xp5nBcLsC7CrKZVw-o9xD2N6NEyz2_8Fkp6n2kRJudd6047ojGn
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_x3o5JWD049YMLoEektTKfTmWUn2Ucm-WkoXYkIQCU5Xp5nBcLsC7CrKZVw-o9xD2N6NEyz2_8Fkp6n2kRJudd6047ojGn
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_x3o5JWD049YMLoEektTKfTmWUn2Ucm-WkoXYkIQCU5Xp5nBcLsC7CrKZVw-o9xD2N6NEyz2_8Fkp6n2kRJudd6047ojGn
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 70EE
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAcEhMqLXXIftd05mSw8MRA&google_cver=1&google_push=AZmPxg9ug0aoohY4XlIRDqxmAJceMtuJtj_5SC4Q7qHIVD2h0TCgAtm2mQSuW5NZ5LivmbJSzmHvUIGPShZ3OTK-QYAsexLZJ_o
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg9ug0aoohY4XlIRDqxmAJceMtuJtj_5SC4Q7qHIVD2h0TCgAtm2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg9ug0aoohY4XlIRDqxmAJceMtuJtj_5SC4Q7qHIVD2h0TCgAtm2mQSuW5NZ5LivmbJSzmHvUIGPShZ3OTK-QYAsexLZJ_o
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg9ug0aoohY4XlIRDqxmAJceMtuJtj_5SC4Q7qHIVD2h0TCgAtm2mQSuW5NZ5LivmbJSzmHvUIGPShZ3OTK-QYAsexLZJ_o
date
Tue, 20 Sep 2022 12:37:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 70EE 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECDVucAEpAxevQQCJFsXcpw&google_cver=1&google_push=AZmPxg-coFm1OcU9JA6XzNgi3xCCoo7iY-LV1iaeEHDY15YyCy-DOK26uGSqws7kt_VG5XvCH3UlGBtK-q3EPSBKuWyjK4GOwa4u
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-length
0
/
onetag-sys.com/match/ Frame 70EE
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBVSsr4va8rM1iu1MzpJLSk&google_cver=1&google_push=AZmPxg9evr13AEmASielOSynB3AvjCbO5_dF1htltjg20E8U1Krq0suozpBgTguzAPZND79YYPLk4_jj2Wa...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg9evr13AEmASielOSynB3AvjCbO5_dF1htltjg20E8U1Krq0suozpBgTguzAPZND79YYPLk4_jj2Wa3G8Y9HOuy4qAZofVC
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 70EE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEAmNwuaOLXhTVyUE7qvnoKvSf-vv0ujOxxgX6hTxEc09alLC3nDPAgU6egvevNhoCdFpBXQ
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 60C5 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Origin
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 15:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Sep 2022 15:22:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 60C5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyQUjKVdNumalDHMCohWBfr1RYuCznVLpSE0a79LBGJpSeR-t8ngV9vL7j84ByxsF-FFa3d4SskiomX6mO-TjX3MmuMQ&cry=1&dbm_d=AKAmf-CIpMpVznZWI2-Mu_LWuOInmwGMsvwBDh4Ni6f93XpBb19pS_2O3XDzBp5u3AcCi7XTqNNPUZXv_i67o3UkIRMG_qvYEfPBK9vDdzK-SJ5xh73lxcdkCEHKqPIWK1enOUnVHUNOjI4rj0-8xFTby5fvE-bz5sy73RvmQaXFaooos_NAb4Rwd_5jQvyd6kjbySMu6JW5gmYaSXV06SkIGctTz2UkBN5jwbpm8JLYa8u0o-pNo0gnsiU6GeTfQOP8KDZCnYexxc2cUtiV3Ykk_Z1iGBQOZlqkLaDgrf545bT2e5qEVmTpjp1gFgIFQVULAgQvg3XooO0QET4nu3JI2G9dD9xN25J2nxv_mOewWBPoQrBQyzCBAklXmOgqpP4Wf5sVxH3LR4r_otI4WRtvMZ1sNeriIPoEOlnU5a6uPGVyX6f1STdMj6Q78UQBRZM_454jXzY19615oMrFZ-0YedNK1akwcy-ETqeiIyMjU4MvGDFuNft1AyOctGkTOpdVxNZc80zOiJ-OgRsQlG0auMybvq_OfHd-is51ScoW5kR6QdnazDevwc9mUSC4MOzOklUrlBM2pQlwlljZRywGseruJaba-QECqV0HWiWJhQGuJBEn5JlHbiMA5GNGxDK59q0jnB0XQhEF74j4ubQVvRxTeLMLJhjduw5MyENfSnqSSNWev7jYO8ndIrViy4BZxzNBgpahIW71pk32kR3pg9SBjaSvu3UgUJerN-Qmy3BgfImKXRz4awM-nsJ-KsXTtSJ7YwLnP0YC556qWEZW3axORz_mxU1v5QFcgWbcTjH_gk2YRZlvCo1ezdsoNCqws3g9SKRYYV6NcCOWVUPqwcbpzniWHlBWOkbO0f2Rq0AW6t1jPONFpG6ergtp1g6XbVjgebvQauZ3SayfxKbYBxBx4PJAbObqajivOdiTLFMT5OtjbBLxVF8ZQ-3a4GgHsa739DvMrem2dD9ZSWfSqlWu7uS4mA41KXmBc-GW4rDILYbZdxT89AJnWzSLeopaSiRsZhLFRjl4K7hSGR5So_50vfUfkuEMUfjsUSskpTgZarw6OaY5APsLzX7AVS1tvWUIajzcu7PSwGOxTWweHC7gavQvXk3joh-2VP2Xit7yT5g0q5B1w_B2UPobu-y3FGgFhzm0ye89PIq703inGwZjh65t9eXLFfpZHM2wt1PzbrwZxt_4rrH0W0yOQ5xBdKT4rpdVrAtEy2kVamnLOnH6MP3IE0NI_wD0-9IAhbivUew8ptuCM6zZb6zrIdYruW2D8t3yq5HBJUn8dj823t7L8sePs4bxfe7w-8_GRFg_yec_TFq8BmG-RCMGJ3Eojf2nub2sP-xtLKhe1vhctlXT_sNLLBwCd7wJQNytj1fEHf14yxOE-HGzi7duGDmoKY2_odxL4Bn-sknXRTNod-x-fw8H1TD-U5JJzX8LDZ40FDF0SvtIm6XyunGUZVDXA46pcRqXq727nu1rj81zvpZjIT4N9I8V_arcz1RF5uraNn_xqYuG8lKDA2Km6QTrejFA2PbTB2f3gM-2ZbvIBINIIZUCiUUmOLWUsbEFlMhBMI25WPC55uR6ACyM9dirzJLad19BwMPX42IH00a1Yy-72kdrkC3gzaJL9hxGrb0P9idOBqmPjf9c3xhn5qUa-S90lPw96nYZcGg3QmVFN75E4zKKENe-svVYu7is790WePy4m6rs1ljYuXcAJz2GsG6Z3ch9SLTIN9uuCT3MmhLB4YGjBORzFvjCLxcItID28yP6DSN7j763AV1zsHrLk8ykuK7CObqRQKzV7fG4kyd5m8klqOB7-5iBraO_SMsfzw5t6ZeP4LXMiOBYm5FBtXwpDnYqkj84rOGx78PpnfYAnk82FByuT8zufgql6eVvPAZMeOJ83n7bsynqR0kkcMK46_lCPCbDEhzICelE5DNZN-Cv97Sb-fza17WjlM5gjbV3nC3CGojcExzZuEGHDcoIRdQibCIlREEpi3c3h9K0lIEQ8m_VK6q9F4lYWEPaHebax9mtexl0KAUVHAkUXDbrM3_XRWX2iYcvPa84Yt8qPTIzclPlo-UU-KswujBhB8rTpMSp4XTIeBBAjsrmLK9A-r1_LSSux-KzKvMPcKm1l4xqwkM1pMJ_ZRmZ_uQ60_aIm8-nasvgRsKUsmGEhznN1OCNQ_prd90OIOguhqf-guWvJCUPJXeIwNt5HhOkl2zAUC_j1VpDyYGGtudSnH4OdaF-CmrZWcf3Rr_zkh7yMjDjdNsHwU4QnKsJpw2WKYAX8kDt9lMLQGQVo4nhAomCQnUDDJdu7InMjYXLvEHJeq5kd1tm6HqqDXEKvb9Ecnx6JBpBt9PYbsczUbjZOQKhkO6ER92u_n9mTymOYy7SL6j9BPHHIHCciJa_F_bm90Fr7ZY4AotKVu1f4uqxHhOzcd2e_aEltSC9eVdu7ffVP9mO-cjr1jqVlwt_VlBdcDl5wtywgc5dQMP7T2rk3gUgEMlIzQ5R0tIaO_xgVjMANc6h9F7tEQEVuyLtMYQ-wBOjdFUka8M-RnChJKGA81MPaqYgwdpxTxj3erhv_8xu3B0hVV6czRLt1_XAnRw6Pv4iDrsNbvsvIUGcoM4u1_XnvZo3kXvrRYzIDDWS8xNqybyggEA9qqAeIYnV1FiZ8_7Jn0W6fZV3Oy9VTiqfJkh-DU2Hdxdtb05uGci8RL3nI1z5P2uT5LXx5BW6Z-CJgENBaAsd6FjA25UeWR77kao90ao7CbOdnwqtjue6ffo7ioE1WcnGV0eGCZAOJl62f16e9a0HaqDPG13iq6cO9elaORaUFxae0XwQkWZADfG7atfae6IoTTtCQuGnBCtpx2ttQPlC37upLuRfVOZhUymIz5boB7ozMtAUbH-nonSKEkTeYLD1Xwu2ArNOLjoHogHJBpzFichm1P8WLfAN3NEjAnFMGXjmQJXscweKF4vTsryt7hLXk3nWVlylFb8h4ZbE2NLE0asJNVlEt8TWA8ELN2u1tu3pZjzGLXcq_Giasrxvc53QC859NtAYkQiw4CmVyANh4-h98Kjv4chytN0n-p7czNbCwbQH5lACRjmMaIE0mAAF7aPF6R8x9lANZZq-D812y3BfBnfjUpcl3OY7Vekm5R1T22KirEg1E_Sr_y43_VXM3DwZMDAfPLF5o_SEzMMn0FRN99ffpQ04fO8K_X1pMIoVfIQwRtnoef-aequU06SlASe5XiFLFysue_FJccr_or7DUxnCRBXYjsOR0IwAaA9hrDqwoyQjXMdlFstN5vGoXRMX_VYS2LegeP94a2m97VgY32z5segw30rh-BF8fF9SsYK_hWJqyOmA2oeInw&cid=CAQSOwCsnQUxu2NAjaEoylVtnrJRxDSzGXGT9SCE9FDKilrk8AZ24zKxNoRs1YFisgFitOy2aezu1OLj9mSvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:34:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 60C5 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyQUjKVdNumalDHMCohWBfr1RYuCznVLpSE0a79LBGJpSeR-t8ngV9vL7j84ByxsF-FFa3d4SskiomX6mO-TjX3MmuMQ&cry=1&dbm_d=AKAmf-CIpMpVznZWI2-Mu_LWuOInmwGMsvwBDh4Ni6f93XpBb19pS_2O3XDzBp5u3AcCi7XTqNNPUZXv_i67o3UkIRMG_qvYEfPBK9vDdzK-SJ5xh73lxcdkCEHKqPIWK1enOUnVHUNOjI4rj0-8xFTby5fvE-bz5sy73RvmQaXFaooos_NAb4Rwd_5jQvyd6kjbySMu6JW5gmYaSXV06SkIGctTz2UkBN5jwbpm8JLYa8u0o-pNo0gnsiU6GeTfQOP8KDZCnYexxc2cUtiV3Ykk_Z1iGBQOZlqkLaDgrf545bT2e5qEVmTpjp1gFgIFQVULAgQvg3XooO0QET4nu3JI2G9dD9xN25J2nxv_mOewWBPoQrBQyzCBAklXmOgqpP4Wf5sVxH3LR4r_otI4WRtvMZ1sNeriIPoEOlnU5a6uPGVyX6f1STdMj6Q78UQBRZM_454jXzY19615oMrFZ-0YedNK1akwcy-ETqeiIyMjU4MvGDFuNft1AyOctGkTOpdVxNZc80zOiJ-OgRsQlG0auMybvq_OfHd-is51ScoW5kR6QdnazDevwc9mUSC4MOzOklUrlBM2pQlwlljZRywGseruJaba-QECqV0HWiWJhQGuJBEn5JlHbiMA5GNGxDK59q0jnB0XQhEF74j4ubQVvRxTeLMLJhjduw5MyENfSnqSSNWev7jYO8ndIrViy4BZxzNBgpahIW71pk32kR3pg9SBjaSvu3UgUJerN-Qmy3BgfImKXRz4awM-nsJ-KsXTtSJ7YwLnP0YC556qWEZW3axORz_mxU1v5QFcgWbcTjH_gk2YRZlvCo1ezdsoNCqws3g9SKRYYV6NcCOWVUPqwcbpzniWHlBWOkbO0f2Rq0AW6t1jPONFpG6ergtp1g6XbVjgebvQauZ3SayfxKbYBxBx4PJAbObqajivOdiTLFMT5OtjbBLxVF8ZQ-3a4GgHsa739DvMrem2dD9ZSWfSqlWu7uS4mA41KXmBc-GW4rDILYbZdxT89AJnWzSLeopaSiRsZhLFRjl4K7hSGR5So_50vfUfkuEMUfjsUSskpTgZarw6OaY5APsLzX7AVS1tvWUIajzcu7PSwGOxTWweHC7gavQvXk3joh-2VP2Xit7yT5g0q5B1w_B2UPobu-y3FGgFhzm0ye89PIq703inGwZjh65t9eXLFfpZHM2wt1PzbrwZxt_4rrH0W0yOQ5xBdKT4rpdVrAtEy2kVamnLOnH6MP3IE0NI_wD0-9IAhbivUew8ptuCM6zZb6zrIdYruW2D8t3yq5HBJUn8dj823t7L8sePs4bxfe7w-8_GRFg_yec_TFq8BmG-RCMGJ3Eojf2nub2sP-xtLKhe1vhctlXT_sNLLBwCd7wJQNytj1fEHf14yxOE-HGzi7duGDmoKY2_odxL4Bn-sknXRTNod-x-fw8H1TD-U5JJzX8LDZ40FDF0SvtIm6XyunGUZVDXA46pcRqXq727nu1rj81zvpZjIT4N9I8V_arcz1RF5uraNn_xqYuG8lKDA2Km6QTrejFA2PbTB2f3gM-2ZbvIBINIIZUCiUUmOLWUsbEFlMhBMI25WPC55uR6ACyM9dirzJLad19BwMPX42IH00a1Yy-72kdrkC3gzaJL9hxGrb0P9idOBqmPjf9c3xhn5qUa-S90lPw96nYZcGg3QmVFN75E4zKKENe-svVYu7is790WePy4m6rs1ljYuXcAJz2GsG6Z3ch9SLTIN9uuCT3MmhLB4YGjBORzFvjCLxcItID28yP6DSN7j763AV1zsHrLk8ykuK7CObqRQKzV7fG4kyd5m8klqOB7-5iBraO_SMsfzw5t6ZeP4LXMiOBYm5FBtXwpDnYqkj84rOGx78PpnfYAnk82FByuT8zufgql6eVvPAZMeOJ83n7bsynqR0kkcMK46_lCPCbDEhzICelE5DNZN-Cv97Sb-fza17WjlM5gjbV3nC3CGojcExzZuEGHDcoIRdQibCIlREEpi3c3h9K0lIEQ8m_VK6q9F4lYWEPaHebax9mtexl0KAUVHAkUXDbrM3_XRWX2iYcvPa84Yt8qPTIzclPlo-UU-KswujBhB8rTpMSp4XTIeBBAjsrmLK9A-r1_LSSux-KzKvMPcKm1l4xqwkM1pMJ_ZRmZ_uQ60_aIm8-nasvgRsKUsmGEhznN1OCNQ_prd90OIOguhqf-guWvJCUPJXeIwNt5HhOkl2zAUC_j1VpDyYGGtudSnH4OdaF-CmrZWcf3Rr_zkh7yMjDjdNsHwU4QnKsJpw2WKYAX8kDt9lMLQGQVo4nhAomCQnUDDJdu7InMjYXLvEHJeq5kd1tm6HqqDXEKvb9Ecnx6JBpBt9PYbsczUbjZOQKhkO6ER92u_n9mTymOYy7SL6j9BPHHIHCciJa_F_bm90Fr7ZY4AotKVu1f4uqxHhOzcd2e_aEltSC9eVdu7ffVP9mO-cjr1jqVlwt_VlBdcDl5wtywgc5dQMP7T2rk3gUgEMlIzQ5R0tIaO_xgVjMANc6h9F7tEQEVuyLtMYQ-wBOjdFUka8M-RnChJKGA81MPaqYgwdpxTxj3erhv_8xu3B0hVV6czRLt1_XAnRw6Pv4iDrsNbvsvIUGcoM4u1_XnvZo3kXvrRYzIDDWS8xNqybyggEA9qqAeIYnV1FiZ8_7Jn0W6fZV3Oy9VTiqfJkh-DU2Hdxdtb05uGci8RL3nI1z5P2uT5LXx5BW6Z-CJgENBaAsd6FjA25UeWR77kao90ao7CbOdnwqtjue6ffo7ioE1WcnGV0eGCZAOJl62f16e9a0HaqDPG13iq6cO9elaORaUFxae0XwQkWZADfG7atfae6IoTTtCQuGnBCtpx2ttQPlC37upLuRfVOZhUymIz5boB7ozMtAUbH-nonSKEkTeYLD1Xwu2ArNOLjoHogHJBpzFichm1P8WLfAN3NEjAnFMGXjmQJXscweKF4vTsryt7hLXk3nWVlylFb8h4ZbE2NLE0asJNVlEt8TWA8ELN2u1tu3pZjzGLXcq_Giasrxvc53QC859NtAYkQiw4CmVyANh4-h98Kjv4chytN0n-p7czNbCwbQH5lACRjmMaIE0mAAF7aPF6R8x9lANZZq-D812y3BfBnfjUpcl3OY7Vekm5R1T22KirEg1E_Sr_y43_VXM3DwZMDAfPLF5o_SEzMMn0FRN99ffpQ04fO8K_X1pMIoVfIQwRtnoef-aequU06SlASe5XiFLFysue_FJccr_or7DUxnCRBXYjsOR0IwAaA9hrDqwoyQjXMdlFstN5vGoXRMX_VYS2LegeP94a2m97VgY32z5segw30rh-BF8fF9SsYK_hWJqyOmA2oeInw&cid=CAQSOwCsnQUxu2NAjaEoylVtnrJRxDSzGXGT9SCE9FDKilrk8AZ24zKxNoRs1YFisgFitOy2aezu1OLj9mSvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 12:36:42 GMT
truncated
/ Frame A3E1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
230da5ee1003cc0154e909299b6e8910bade92fe77db6c5f290d03326de64022

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CA7F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e5bcd0182d11a39048c1ae047caa66e83139e2978aa1299e6cd280e66a2912a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0177 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
203bb6dfb40b0b710324d7ace7fc7529bbfa8c86fea9dfd8ad9a3a982999b4a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BB51
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFP2b1Qo9cXSYcbHsYaQv54&google_cver=1&google_push=AZmPxg84a5kKm6uuW3JTT_lF580CGYQQOCRDdP3RHRITBwX3iSu3OXHoAcb66Kjt83LbUPSWuoySBgoAMabebU08_OkisfeREg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ5NjA2NzI4MTcyOTQ3MzIwOQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFP2b1Qo9cXSYcbHsYaQv54&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFP2b1Qo9cXSYcbHsYaQv54&google_cver=1
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFP2b1Qo9cXSYcbHsYaQv54&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BB51
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPET0DHPZKLtq67roMfRZPA&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPET0DHPZKLtq67roMfRZPA&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NkNod0R6MWUxT0FDdmk1&google_gid=CAESEPET0DHPZKLtq67roMfRZPA&google_cver=1&google_push=AZmPxg8wrgv-oQPJvnL43U5kC_caPqW-luyXAjR0ExzNIuT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NkNod0R6MWUxT0FDdmk1&google_gid=CAESEPET0DHPZKLtq67roMfRZPA&google_cver=1&google_push=AZmPxg8wrgv-oQPJvnL43U5kC_caPqW-luyXAjR0ExzNIuTpS8sTskzLcMTczdZUULtrx5AIv6qJw9r3k9NyF0fWHh9H1_OOjqk
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:31 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NkNod0R6MWUxT0FDdmk1&google_gid=CAESEPET0DHPZKLtq67roMfRZPA&google_cver=1&google_push=AZmPxg8wrgv-oQPJvnL43U5kC_caPqW-luyXAjR0ExzNIuTpS8sTskzLcMTczdZUULtrx5AIv6qJw9r3k9NyF0fWHh9H1_OOjqk
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BB51
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECHnYw4Pvyl9w0ZwT0ui8Sc&google_cver=1&google_push=AZmPxg9PdQuLVzDz-RQ_3RqdPQqp9vhs0JO4x3_pJbcsuzrr7v3C-iS0OzW8oXkFnSo3L8OV4H-qqJrLcq6ISjQf5Lkz0oHmpg
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30805A5E815B43ECABF9F504ED92B27B&google_push=AZmPxg9PdQuLVzDz-RQ_3RqdPQqp9vhs0JO4x3_pJbcsuzrr7v3C-iS0OzW8oXkFnSo3L8OV4H-qqJrLcq6ISjQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30805A5E815B43ECABF9F504ED92B27B&google_push=AZmPxg9PdQuLVzDz-RQ_3RqdPQqp9vhs0JO4x3_pJbcsuzrr7v3C-iS0OzW8oXkFnSo3L8OV4H-qqJrLcq6ISjQf5Lkz0oHmpg
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Sep 2022 12:37:32 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30805A5E815B43ECABF9F504ED92B27B&google_push=AZmPxg9PdQuLVzDz-RQ_3RqdPQqp9vhs0JO4x3_pJbcsuzrr7v3C-iS0OzW8oXkFnSo3L8OV4H-qqJrLcq6ISjQf5Lkz0oHmpg
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 19 Sep 2022 12:37:32 GMT
pixel
cm.g.doubleclick.net/ Frame BB51
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECGVFMJim-2EBr1X274eDZU&google_cver=1&google_push=AZmPxg86noOzhSfPOnOWll1AiXzk07Kpm-FX_HmIQL_Y1jtPWOP7CmimJE7wZ05ZgWu_U_v3t6LAv84s_OrzA3...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MDI0NzQ0MjM3Mjc0OA%3D%3D&google_push=AZmPxg86noOzhSfPOnOWll1AiXzk07Kpm-FX_HmIQL_Y1jtPWOP7CmimJE7wZ05ZgWu_U_v3t6LAv84s_OrzA3oV9D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MDI0NzQ0MjM3Mjc0OA%3D%3D&google_push=AZmPxg86noOzhSfPOnOWll1AiXzk07Kpm-FX_HmIQL_Y1jtPWOP7CmimJE7wZ05ZgWu_U_v3t6LAv84s_OrzA3oV9DeB59U9Eg
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MDI0NzQ0MjM3Mjc0OA%3D%3D&google_push=AZmPxg86noOzhSfPOnOWll1AiXzk07Kpm-FX_HmIQL_Y1jtPWOP7CmimJE7wZ05ZgWu_U_v3t6LAv84s_OrzA3oV9DeB59U9Eg
Date
Tue, 20 Sep 2022 12:37:32 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame BB51
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEABvWRq04yWpLeymkdsxGJI&google_cver=1&google_push=AZmPxg-JrWl78taBuOI5R52Mob7RyctA5uyNcRrME0Z2WPpgKCHjenS0zQ_J1o15jIqUtd8xKyIxuVRkhgLLdl40jr7pzx...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WKqq9pU6QMS4MFWlPqN2oQ&google_push=AZmPxg-JrWl78taBuOI5R52Mob7RyctA5uyNcRrME0Z2WPpgKCHjenS0zQ_J1o15jIqUtd8xKyIxuVRkhgLLdl4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WKqq9pU6QMS4MFWlPqN2oQ&google_push=AZmPxg-JrWl78taBuOI5R52Mob7RyctA5uyNcRrME0Z2WPpgKCHjenS0zQ_J1o15jIqUtd8xKyIxuVRkhgLLdl40jr7pzxs0x5c
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WKqq9pU6QMS4MFWlPqN2oQ&google_push=AZmPxg-JrWl78taBuOI5R52Mob7RyctA5uyNcRrME0Z2WPpgKCHjenS0zQ_J1o15jIqUtd8xKyIxuVRkhgLLdl40jr7pzxs0x5c
date
Tue, 20 Sep 2022 12:37:32 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame BB51 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECDVucAEpAxevQQCJFsXcpw&google_cver=1&google_push=AZmPxg_uQh4FCZ0lWSGlkCFtSJlqFgsRvzHIED1d1mKDFc_0LfMVNAxuwRNsFsTUIy8X-t8t-GT_E2kyBz1Fgg4JO856VHG5Q78
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:31 GMT
content-length
0
/
onetag-sys.com/match/ Frame BB51
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBVSsr4va8rM1iu1MzpJLSk&google_cver=1&google_push=AZmPxg8yKu8QMKtd831fc-WaXKS3ifCmxLodkr28dvhcZX9biHS6zPFDsRqve_zFWOB5sKNTkYGrOWlJJIq...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8yKu8QMKtd831fc-WaXKS3ifCmxLodkr28dvhcZX9biHS6zPFDsRqve_zFWOB5sKNTkYGrOWlJJIqKi8kMf4NjuGfG8tYP
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BB51 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7NDeQREjmYcs-PVF2QCvZlFjPBk86kYEctMH_m6FP5BdB7yTYenEpz9DvEbX7R7DmQ45Wtw
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 98D8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62b079af9903faac168b95bfb592aee1beb15e1266b6777418575c5f53caad5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame D2E8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame D2E8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D2E8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 15 Sep 2023 12:37:32 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame D2E8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 15 Sep 2023 12:37:32 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame D2E8 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=dYc7UYL-0bDL0wRrZrxGPjsEzovcbuzEPZ8lDCyPPazhXvYBKa3opym3V2fH1blMGiEDcjMa8ZI-D8Xj1gbGfcbkUavl-BKjtVD4gzYP8Lyi0IwDtfscmEIETDS4V4_C4M976atYFkvqNk3gdeg54vilcP9BjcLs8FAPZ6ST869kxE-nxVVmLMJiVBlCoxRLPv0GxREE8rZvvaGB7Qm4HAhksSss8KA7L92xZCsXTTfsp4QBmSBuGVTVDPrRowG7eTm9gY8GFC0f_96u9i1glXtj4G8hfu2fxyQH-6IlVhlYhQeWvr3VSVrwrfnmKg8DyIfc8RJuayCjOxC3p-HGNkF4GxRBYQCjRNGoiqFa7JBazThFAK5ySumj76Tsk0l4UW_sg-7hIngRJ7o1J6U9_ai-4wHj1nkLlVRwxyUOcqFZtbwD
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4037878
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7FA1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7FA1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7FA1 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 15 Sep 2023 12:37:32 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7FA1 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 15 Sep 2023 12:37:32 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 7FA1 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=H3NnD42qH2RvcelODLgE-3EUDrbV50v_2GSHjhncAeuOOWS-1M_iXsVEe3AynhEQyst_OZjmvVb_dqoxCjWaGh7wKy94MUTK1MmlW_8oePSvNTud_pd1PlUP2he5XuXSibmb4-O9FZkaHaP0Pm1uk84pXaGsJ2I7ZpSypbq-Dofk_4cgORfbifEx5KJ4FSENFvrZyr1pAWSQij0ctmx1hNBVQA--r3izaw3lH4E1tIWhoUvrZ-tcqUAo7dGyJDB4Qo9J7I5PsZ_ZoxhX_TKccesjr4E7yF5S4UIqSLFR_fkU4y8kFsCYOw6I1T2WYdvg4BjigtiO0np4hcK6Eqdcg-9g8-m71uM6hpreVBwBJ1xKbu8K_ADEoWGk1ZwRXQYKV7Lj_9iYa3BdmqPAX2aFCCozct1STLOjXj5UkLxeAGq2IFAO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4016924
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame A801 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A801 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A801 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 15 Sep 2023 12:37:32 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A801 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 15 Sep 2023 12:37:32 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame A801 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=sYaI8y5zq2cN440Bo2Q2DWMpzaYJU7byksyRJ8A9im0WYiT7nvfTzjRkTPv_v6sDCB5XqiX6WIHXTzRAHRTJNHVKLBfnlIQB-Q3-AtqavpVwsMAqy8A47zKzFwu4Laa6-EnT0G9UwvDptj3uKY9pI6HiJSG66R47-2saLhoHhA-K3msYceBQDE69vTuc5KNHPrxPRYGgKXW3Icxu_TbSae32t0GID6HCUbhHQfMA3F0pPPzDnh-bONMJlB6xt_QquBteTKKCTyj_WXW0o7aGtKBucY2yLTmeN4WU-o-r5eCD8rL2kPpMbsDHEt7_sqnKhYj8rDnsnjt3pY6TUi6KGWsG43wOB4sPpHB4VWnGshTEaDHsJ4ggHVeZAxQ6sdc88SkAuiChRqAbi0yK0yCmMLiBtRU1Ec6LhTB1Wwry90CKYg6h
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:31 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3153055
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
ebHtml5PoliteBanner.js
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ Frame 25D8 		313 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js
Requested by
Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1078335961&gdpr=&gdpr_consent=&w=970&h=250&ord=1663677451167865&ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCI6NYC7QpY7mfCuSN9u8P6JmYmA3G6bfCbKOs4bfTEOeIjpCLMBABINGTwypglYKAgJQHoAHnlbCWA8gBCakCGQyb5wbTsD6oAwGqBOEBT9DPHCRUoDP-_rod3P0vwfO7YJYyeDXmatjB1_hpnhEb58EM4AcPilSLnuyV5ZOrt_Zq6QkzUxgA4azbQgn_Ry6UdFThSUn9kvSGV3CQCKqJDddbcMPMn2qI4G3grK7nd6Khxmc5qsf9UDKTNwfmKAyuQAJSO5yoTt9ftBUMaT6oGWAV2QmRlZZmlEsGkz26Q87acy6efw7EWTJ_bwKZlFAXRV8R8Yhj2MICzOmaHLmYPHun0VoFJoglayKJshjlf3GQo1Kqtb3iW37AL84RJ_T9PELuL9DoWXigLv59TogYwAT7n7bPjATgBAOQBgGgBk2AB4Hqz2moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4OBzBDQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRoK803eUsqf8hFjh2-DQlcMZxvRGXejiFcUxASyYVyI4gRe2Y%26sig%3DAOD64_2HpIXbLeV1iMydDBaasadu3x-v3g%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-ASPCm8A2Hmf5QirCXOlqS1hxBP-U5U20dwDM7Q1pO-7D9cKeuG43Qf_n7sfSiTKc7c1UIPZVv4S7kCj4yS0x_BNjzCnshANQCBUwtPRI1-0fUZFfHg-YbiS-5UBmGTUm5JFOWec9FLR9Sxuk0OOqmN7ECICw%26cry%3D1%26dbm_d%3DAKAmf-Ctmcmh5WUwL5ghSikzTg2m9e-1DfWXikFlIWJ_Oer3aAoua4QHtCQ-ocn8Z8-AhvWMMAco31fILB2giBtu9bwdqBYhVm01aj2wQMMsWAEmXTj9Y1IPRCJ4LHc0Wyh1N4jGZ3-JVwASp5HlMUyF_HYE0xc5hLgfx4u-YqKOSYMB9kXhunfUqsKta-o3P_MFoGuT8MYRRcuWdY9FCLDqccX2bZAGtF8F5gbsBn7Kn9Nrk6PZrYbFINabna9A_OjbKLToBzjRFL4TTU30fGhTgcbAov-g_Cq7hwgQZsENTtXSUubF2SB4pv9mmVPZf0ykUpJY0od9XD7-XN2ogcv4kwV9DyOEjFFA-4beUCB0ADlYkThjbTMzSR6C00kcBThlCZTQvQ9H0BXJBhwXxTUr_TT_XcpHhMsi3IebGxnP7XYOZd-YfNbQTcMVEEMmw1SJH0mn3ICFV_8zF7bLtsjk4_yUgrwAxXDuQaHJcxWB9oxOBiasTGtCIieayyOyKAfq-9tbHbwbtTBaNV7H9rvDU9sRivUtqg%26adurl%3D$$&ebaddid=$$[Device_Advertising_ID_MACRO]$$&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2574ce0c81ad6051c5b01b51cf14cdba73e815a8361a72bc567bb6bc755afbd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2022 13:00:33 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
etag
W/"775635b8b6c606e06a016f8817b13c63"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=560184
accept-ranges
bytes
content-length
84579
x-amz-cf-id
Qhh9L9Y-UX20IL-x9YOfLzYFdVONBXYrVN3JOii7zjwf_R6DkI_pyQ==
main.19.8.352.js
static.adsafeprotected.com/ Frame 25D8 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1153208/65390207/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
330355
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
QN3bi6L129FK2nrSYlxx_KtvziExLZJMWgOKw7beYUxwqLIwsjCCBw==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A07C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11647
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Wed, 21 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 25D8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a1ceee56e191a101e8d1f8f5c556901d5c80e70d1a151ee5ea8c176b868fa6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/ Frame F1C1 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2fd4a4e6a54380d2af815b937bd38896500b3ef1b985595fc1222a1b501a83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
448672
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1939
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 07:59:40 GMT
expires
Fri, 15 Sep 2023 07:59:40 GMT
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6704 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNJRgO9h8W-PWye9Sm_1fSfTgAAldtsYErMx3RWDp09l8PPvghvoFxgsUELO6YALhqFXEANamKrsrFdoRGYB7gb5iSB6Nm_o-d2T2Q7fxQiIfzOPz0AsVh3sAPWMGDWY9yhOuGy-0GUwca9CA1XhuZlZ4redctJtNJbiPIHQD-moh4rdIoaEWQiqrnVN4DPoAkZmiBLF3DFNa0QY6NCbsTHuO_AnlGWEEIOrBgnanMJz8eibZVmm2du_NTNrDrgZU2YM9q8QwFbevj-uwHk5r_wGptCOT1_MqWhxqprAjCc_qB4sNpQ92kFsSqMcwrXm-x3xoQBUBOuLiUn-ulmUTBNWVXBvfwnTRVp_1y-BipXjJC8znzJn0zt3Nixn-jg2FVO8vtu28bTKTpbELP8L1EWA69NjRsOJCiMXvml6OmVm_Y2-AKwEnNmW66KtxD3WpNvkrFBdGkxQFEAAnHuc10skqqpS3rnYSdBaIY7bpIzX2axjQWBX4rjAIbdEdfm1lHkgoZjuABKUM6BdIvWrhe6FoVesc8OVR-BcPNaE7FYTKCnAZMXxxh_hHjbku0d8symbE8hndvSPTKvVaEnNG7vXPk6B_l8-bxZdtj6dtGUuPC4FALrnuXGSMOWPYEQNrmQFWJb30fbP0oWcmn8dSs4mmqmP2BrgWRP7bxXUDw1YXPZ9wpfBSHUbBsiEaY0OPOjEpQQOBbiCXnYh4Gn_2Be4rUDxp3fPZyef5ocS3b-iYXD3Fa5LKt4ZoTgPmbGRz_0hsRfTlaBHAEKs23ua2nC-R_jN6ZnQ2XNw92CYq4wHSlex46QXSsNeUMwsOCVADCT6GlZXql7y4l2ca0iy3QIEhdV35OPP1d_8kc2zaj3Cv6BGeZt21LFmLxFL3EwVvTN4mKWNMIi7BX2dy5vVtHKLeM60jtWAPDyVuFPMLSlJ92pboUN5PEKTkv7lRPT2H5Cf8lmC6EjVhtXdCwmudqvjTHMKS2FB3Sck40P8AY-jVxyIHO9s3A6Vu2ZvF_rWr6L5_EuGRw6Imbvtdq_J4X9wADwDr2IFuHd8LfFw1IE1BvMHL7efDmorBFk-ahR_aPPmH5g8uvfmy3uXhuO_5vmGixWqU4aq2ncADGIe7widnaE_2asSnLzhU00NVFu4Xt2HcDt3FW1wJq1GPbFMdQsWKFPPoF09RQrRk9xOTgWH0sJJ0ckMkaM3PiNf6B4NuqiMGQCpzJkk_vt_bV44n9&sai=AMfl-YTsfnT13HXnZxH4mwKBFJ0vmMI9TRYtp-YaGaxNPaZwOXLZp_v-vDM0RNRk0u_TrxaD0zsEKY9Yq5yBtt5-mVuElwdCaH9L1GIqIrDtbXGYrqZMGZy3S8ypfkRGnDM1gcpLeozBjcd0Rw9jso-FjljRJm10DMajXesfwY4qBfsewMNCVcqEHl6922s2bOeUcJwDlXBgvPjBYVRp7sZ7_HCWLPQpE9KHCkU-16H-f7SIEYWRnPuNKODNcnWQqHDDrPJZ0w&sig=Cg0ArKJSzIWZCLB3PgzCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=378&cbvp=1&cstd=373&cisv=r20220915.25007&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 20 Sep 2022 12:37:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/ Frame 0F89 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e0eae4931b0ecdee4c249178f066ee6c8db4c2d4dea9166728bb6e702e13927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
448646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1936
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 08:00:06 GMT
expires
Fri, 15 Sep 2023 08:00:06 GMT
last-modified
Fri, 26 Aug 2022 15:58:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 60C5 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDrUhJlSRAFDqbX9mPR8D96wj8zFc7GXzdyrpYFPam9W8b-7SY4HDDmvum8q-dQh8Sq3s8ufoLq1t-7AXz65GId4XSCpbHmmf4nZIQ6DdXiV-xEPVu4uc_avELspKM_gDijfbT5iaHl6ikkdNqF2thq2QsOIx-9SrCa_pVPjHoEaIaQe1aAl0_ratcm2PYU7Ixb3MwK7TJ6_BvkymCBYEBdKcrp4fPzsZcgwTF4TNT73N4zhoM_G83JeSeXQtmIqYNLFYvvgpAGzOWpZkfZ7VYhn3o8JedoVG3ECkSYgRM8KMZHVwdPJMMIp0mpqXYPm4talfQ1ObX3F9KgB6mSls9RBuj8x8EQnuXUMcxt8YIalagB4Ld5V0jYTVGPDsBtu3i2UQcT5M0MdderCvmjKahoh8rVcUOjHXv1W-I0ABpmV-bGkFBIIObVE0Ya9qbeR5ef1lsv6XZIP99RkyTIG0-rUtELug5Y_JZF2FKsDLgB_1vNl8lhdcKJWc6kYNZcwKf6FCzEzkPXXKkKaC0WrTVZy6E1GJtpWck0868oD0-3fjCTvIVo6L9_yHvsT6Ib6L0C1innpo7Y6sXczbd2EkDlG6FvFMokMYfyfN_HkK82tqhCJFUIvNpY9giFsN5dIgA7zS6IvP_o80hk66fbcO_cMltv9P2Fon7D6yc548lExXcV5vbGWXBft1pjgaDN0qF_3jaaCjk13C4siQ0LPgugbzsjJePZyOr22yTSlBHIFcfRZVilJUNyJNLjPucD0j3hCgVlN4o7ZqxTrlnKRQLhz4KBhFPQCg6A0Y4bKVTUg2nQK6UvQPWOq_A9EMbna1eVAfaTc63EHCAaJiOGNKHtCu5n1WtmMRlIsk6uI38dEZFQxIoRfeFNEGQh_ihiGs82wCicSLUC1F7M2k1zihn6G0X7-xSEyD8-0oUcJ2BEMBk0aNitFCUW17noO0vHe4jwU0GJ2Fz_c-Cj_e0hs8k0DTV1vfZMXnIX2ftcmgQNj0jlkqHkP4JLd57kEW434hasFcKshvTyPr87V8ewN2b3l09vaW_zs_YPg9HbZSZudvzUO3v3wJCRF86i99iXko98qWDn2QQDE_A5PJP6-93xzOh3QuEe51QPymXMFsayPQbJa89qJe_93sZ9e1rsTKOHPMDgNQmaH0uBmTCMw0LePpk4tSZ66Z09n6mHPjY599weREx21B_rouXc2TiuSjgzjCr8NtWGb6icgBpjW7qIXlHqQ&sai=AMfl-YQWNB3s-pSL9yyKJSQO_1na_xZPL4uo1rls5TbCmskK4uHT231cjPR5hg0DP1aekV-JAsY8boWgXxKa5UC-jwPMwHvfGdG2QQQLZ0ccYPNYSUDDKjRn8LkG333Bxnar18MDltuQnCuKO8C6qHAA920kt8azISV9trArkWn550vTA6Fox3TSV-tkCZFJmgQvqp3bm4zXgEhTbd30LFj5vpSUthcuuLHGtnzRO5ajTF3VHdP93xOXpgPIV4VwbM1V8PzpJg&sig=Cg0ArKJSzB9ql7TPbcBfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=354&cbvp=1&cstd=350&cisv=r20220915.45018&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 20 Sep 2022 12:37:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D2E8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4722356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z71I7UkMMokI6nVGc1Z6GfmDazJpSMPObazCo3pd0LRpXn%2BKNEPt2iQs7G10CvB8556ib%2FFDXCRI9XQCdRK8a93rUAmqhK8lG0I0m7j6NetmDzD1l%2BPOHt5XPMDCCQ3F57qF%2BNKEwuZ8ROHO9vk1ZrtG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74da9cee48479948-FRA
expires
Sun, 10 Sep 2023 12:37:32 GMT
animejs.js
static.criteo.net/animejs/ Frame D2E8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
img
pix.eu.criteo.net/img/ Frame D2E8 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=208&m=0&partner=9239&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F9239%2F170803%2F30e4849c5d614685904990e5b965229b_stabilo.png&v=3&w=596&s=sSLx_bMc10Q4lcQUfAeQ_Wa7
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
620e514fc9d3ad619687a98b5ccfd098444496284f7dd2b574ade9f0a1fa2909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28726860
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
80853
expires
Sat, 19 Aug 2023 00:18:33 GMT
img
pix.eu.criteo.net/img/ Frame D2E8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F925862%2Ffull%2FWassereimer--Eimer-10-Liter-weiss-emailliert--Putzeimer-mit-Holzgriffhenkel--Alltagseimer--Blumeneimer--Kartoffeleimer--Pferdeeimer--Dekoeimer-15147-925862.jpg&v=3&w=400&s=p-laAIVSZ8bEFJr4OaNxs1tN&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0241bd5dbdad179fabfb2c31f9e92f69a6775fa10bce39b184d2e74fb0daf343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=8956911
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4852
expires
Mon, 02 Jan 2023 04:39:24 GMT
img
pix.eu.criteo.net/img/ Frame D2E8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F924197%2Ffull%2FADB-Ecktisch-rechts-B200xT80-B120xT80cm-H75cm-RAL7035.jpg&v=3&w=400&s=wHrrd13cwqXCaPngRnA7fbvH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
57d203bc18131c6123d2e2b3bf97c30e376255284bd161c99121349592530be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=9685660
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2382
expires
Tue, 10 Jan 2023 15:05:13 GMT
img
pix.eu.criteo.net/img/ Frame D2E8 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F921533%2Ffull%2FHundehuette---Hundehaus-Rocky-111x96x94-cm-Holz.jpg&v=3&w=400&s=CI5iMIMANQV8es7dbDIV3Xdm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
751512901e0579b0348e9809c27187ba09999e0e09c5a079f6b146164322a8e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=10330094
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10858
expires
Wed, 18 Jan 2023 02:05:47 GMT
img
pix.eu.criteo.net/img/ Frame D2E8 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F925730%2Ffull%2FGartentonne--Gartensack--Laubsack-Pop-Up-120-Liter--Gartenabfallsack--Gartenabfall-Schnittgut-Sack--Gartentasche-14937-925730.jpg&v=3&w=400&s=S4FPu4hffr37mLJLX8giUCv0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1a8d1a88faea7461f530758dd1ae3808d07241325a074bc518c1617daea4c883
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=8277011
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23190
expires
Sun, 25 Dec 2022 07:47:44 GMT
all
csm.eu.criteo.net/ Frame D2E8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Lx1-27BJsU4rBnsxVWneR-Y4du8eQpb6V7MFTJp-Er9TVklfEr43kwT_lJGfFMziB32GySTPVlbEOdhrCpBE91a6xUYs-EFK-x4ldYCwGoDh0uYswJ7tKQyCb5c0Vi5TIuZO9kPLfEoa0cS9vzamtIMilL5xec70nbjruWuKpLpBOFOtld5L3SM7_chmqOVJA6TJr6bNeWPZirv9BDFj8TRbtXedkRCQjfk3cfNAH8hJLIRueDzB_mvLCTAoEWCQyg9nbg&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:32 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D2E8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D2E8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUMIu-6fAAzL0rMbQvTyANv5w9S0wA&u=%7CEC0qcQdUQX2Ca2fvrnyoJJZs%2BmpneePGN9Y8ULvYv1w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCI4So23zz9zkXJzNzyf4dKCtrX07_if44i7SxtTfSZh0NpaYbTRaPgl_LfQPLqrpKYnB0T7JvVgcsYL4rpR17XGlMDWaUwYGJQwlfQY_aqk63VdccWD4PtEtc-pti-KtPxeN3kvuvb4a8uuMA-ctKlKzHSDpoaPP13mHksD8HCrI_MOws07YwtTN7KJPAmP90hgFKc-1JVl0so26hCIGUisFcZiR0URyrJOf6CUYFszV7nE1GTLz8EE_U9a7e_fmtFc6mT-k5l0K2K3qHomGpZN5WaqzUZtsUMX0KPjiIpvCTj3op18y9O8YSgYaL-bIKd8dLSl2G8LTI2pyxQyZ276JMPtl6FyxPQxVBBCtGmFNMTWUmdgaJjrJSmergdIfij1eDgELLnERJlUzXPAJUh2qOmzPrQ08LfcvubTjrdVxi0OphwlBSPgkL4OGF2dzIGCm0h8_McPgrXWAoE58VmSz8nEQ5nKJjHVNmzi_RrTto4SLcvsyfYhcpgrZyzPnjkfvBDKQFq7NykM66DFWZLEqo7gXs26PPlfCrwnJLqn4o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFNomC7QpY8OSEZ_d7_UP0pezuA3JntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE9gFP0ApsbmPai57G-HeLc40QeMLofDzEEFyO-fgyuPQDQ2Ip1_8MlSt4gvH4L1ze3vh2oXCTf5O85uDKKSzeVolpJy87jie8UIMZVpPmVYAdRhbbomKr4qCyeNxYo9CyKZkQoikSw4xuMW8dc8QDydoZpfyFrpp6qYrIypOyq0vRRxbO6V-lEjTQQ8I2loAFO0sC39gGuYbFvWP4WxSqvi1WFynpcdKaW4cYhKDuEU0rWqHoyOFBDvcQS5G8n5eMZPMfhsKe-qTJj8ZWcCM3L4VTA-WFZhhfJHA5XyBcsOIBzYM3W-A9Ti2seDeBStnqzDRCgvMKrvLgBAGABtbZmYy37ZOMlgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37mqZmpgVh8ZWGZd_8izq7r_1AZQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 76A6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:33:59 GMT
expires
Wed, 20 Sep 2023 12:33:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
animejs.js
static.criteo.net/animejs/ Frame 7FA1 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
img
pix.eu.criteo.net/img/ Frame 7FA1 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=96&m=0&partner=3521&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3521%2F220805%2F5cac99947830469c9a6faccadd9d8fad_logo_n_horizontal.png&v=3&w=596&s=F-2Mxzan9Tj658lcj-E2jYBj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2c5a5d63ef36f43f1242fa4a800bf20b3bb9897d4b8a657f6de27bdb4ec45f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30042648
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
33732
expires
Sun, 03 Sep 2023 05:48:21 GMT
img
pix.eu.criteo.net/img/ Frame 7FA1 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3521&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3521%2F220805%2F45c2b6a28f094327b6a358f08d0e4636_head_robotic_1200x1200.png&v=3&w=1200&s=Xat4hplGjFlVavXRr5Wcy2D6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7f77b68401634f5b62bc13a76e37f75077ed34ea66c85d3a4a26a1b2e815ef65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30130413
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
50852
expires
Mon, 04 Sep 2023 06:11:06 GMT
img
pix.eu.criteo.net/img/ Frame 7FA1 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3521&q=80&r=0&u=https%3A%2F%2Fcdn-reichelt.de%2Fbilder%2Fweb%2Fxxl_ws%2FC150%2FARD_TINKER_BOT_10.png&v=3&w=400&s=-Q89i1APQgqy4SWkCVVF7-66&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d893b52c15c264dbb26367265475b2a2229dc4fc09973bd269d59c3c3f66999f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28923828
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
18104
expires
Mon, 21 Aug 2023 07:01:21 GMT
img
pix.eu.criteo.net/img/ Frame 7FA1 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3521&q=80&r=0&u=https%3A%2F%2Fcdn-reichelt.de%2Fbilder%2Fweb%2Fxxl_ws%2FEB00%2FSNAPMAKER_A350_01.png&v=3&w=400&s=TX0ppGnx1poI7klYfTtwSkvJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6630892ef42d6cd559b6b6ee874016949fb190d449fcaad61a51ac54b0ca7502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29955926
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
32131
expires
Sat, 02 Sep 2023 05:42:59 GMT
all
csm.eu.criteo.net/ Frame 7FA1 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=wFnCK7BJsU4rBnsx_aFvd7Gkh0dHLfiUTc533XwyvEOnvfaQ8ep1g5LqZOEne67AGYbTzx0BIvzYBmcibGr0ehST9QS8JX-5RMrKHd-yn_C4aNGTvP_30QuiTfXHaLHo_dwfvc6S08yOILGYOThAaSlgAEni9ZttmSOgCRK_wm_we6yaRS8H1fk6cMX3YcJHPWoVJyk23OzpE24dzRnf0P3Y13YeC1cZapB03TWl7RQpRHIbjcrl-mGh4TR602Lm04pxAg&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:32 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7FA1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7FA1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6704 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 12:32:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D442 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11647
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Wed, 21 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6704 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bd8159a5ddab9d7c84289689bdaa92bb966823cbed4d0cfafb257d912e17810

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 60C5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 12:32:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2B04 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11647
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Wed, 21 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 60C5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e683b2d59e42e80de01f14ed79bab8b6979f53c0f9f189ef5569114005bde97f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame A801 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
img
pix.eu.criteo.net/img/ Frame A801 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3521&q=80&r=0&u=https%3A%2F%2Fcdn-reichelt.de%2Fbilder%2Fweb%2Fxxl_ws%2FC150%2FARD_TINKER_BOT_10.png&v=3&w=400&s=-Q89i1APQgqy4SWkCVVF7-66&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d893b52c15c264dbb26367265475b2a2229dc4fc09973bd269d59c3c3f66999f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28923828
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
18104
expires
Mon, 21 Aug 2023 07:01:21 GMT
img
pix.eu.criteo.net/img/ Frame A801 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=3521&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3521%2F220805%2F5cac99947830469c9a6faccadd9d8fad_logo_n_horizontal.png&v=3&w=596&s=PLIXYKiFmZIkmXV9Nodf3A27
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bef2a4738230cc9758cc008478c2d9b9ee3966170526cc82021a79cbb2b2748e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30042648
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
24253
expires
Sun, 03 Sep 2023 05:48:21 GMT
img
pix.eu.criteo.net/img/ Frame A801 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3521&q=80&r=0&u=https%3A%2F%2Fcdn-reichelt.de%2Fbilder%2Fweb%2Fxxl_ws%2FE910%2FANYCUBE_MEGA_X_01.png&v=3&w=400&s=7Jxad6mXNJ5mBLBzGOYO18nD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7efa40c6fb6de72bb1fd16ab3bb828559aa5ebf5838d9111b04982cb215b19a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30237988
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
32114
expires
Tue, 05 Sep 2023 12:04:01 GMT
img
pix.eu.criteo.net/img/ Frame A801 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3521&q=80&r=0&u=https%3A%2F%2Fcdn-reichelt.de%2Fbilder%2Fweb%2Fxxl_ws%2FX200%2FCUBE-ORANGE-STANDARD-SET.png&v=3&w=400&s=2-F-G-YvUrjAO5IICcnyV-Qa&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0064820575abefc74d8460f01f7d01e7b13970796d77d34fbe1fd10dc5a5ca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29126603
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
32352
expires
Wed, 23 Aug 2023 15:20:56 GMT
img
pix.eu.criteo.net/img/ Frame A801 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3521&q=80&r=0&u=https%3A%2F%2Fcdn-reichelt.de%2Fbilder%2Fweb%2Fxxl_ws%2FEB00%2FXYZ_NOBEL_1.0_01.png&v=3&w=400&s=dtJHYKDFt9wGTcd9yX8883T_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
94a3247c17b792495c89936116dc62cb14172a2e97a2b62cddb1972ba863ff93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30213387
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7866
expires
Tue, 05 Sep 2023 05:14:00 GMT
img
pix.eu.criteo.net/img/ Frame A801 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3521&q=80&r=0&u=https%3A%2F%2Fcdn-reichelt.de%2Fbilder%2Fweb%2Fxxl_ws%2FEB00%2FFORMLABS_RESIN_F2_HT_02.png&v=3&w=400&s=EgthUwW-K-ryqb3nwjhLtdWh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
aa7b609bbbf42b27ede9b400dce3f2f1589f946ab8cab2e6abf398bc61a440ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31182801
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
37252
expires
Sat, 16 Sep 2023 10:30:54 GMT
img
pix.eu.criteo.net/img/ Frame A801 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3521&q=80&r=0&u=https%3A%2F%2Fcdn-reichelt.de%2Fbilder%2Fweb%2Fxxl_ws%2FEB00%2FCREALITY3D_CRXPRO_01.png&v=3&w=400&s=0EZQFkD2C11hgNMQz3mr2c1W&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
69dd181526ec64c44662326fe0c33ee484a6b70ae3737d1593dc95c9ad7d0d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30495384
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
22852
expires
Fri, 08 Sep 2023 11:33:57 GMT
img
pix.eu.criteo.net/img/ Frame A801 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3521&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3521%2F220805%2F69fe8e1d62fc49b79ce3d4570d25fb6a_head_robotic_800x1200.png&v=3&w=1200&s=UZyrb2IL5BwggWuHvL61ZNXE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
aa51510198fc6bd4164158e7c5803366afb19b4133760a956292bc70c5b54596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27392435
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
35751
expires
Thu, 03 Aug 2023 13:38:08 GMT
all
csm.eu.criteo.net/ Frame A801 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=BC2WrLBJsU4rBnsxKegxMU8_8OAE23jH6B6Ms6Hqn7DOKhiMNvH5EGo368ynUd8S-HaD19tnjlHifZgA5KPz2CwMqcPor_wT6qrwEAH8CyRbTw47nppu-D--cInkX4bztvH3Xd-4AriLpPDTibUMlC7m2frSWs3UoGqB1mYOgBmLuzmJsldpLI1V14imCrz0fSCveAXwfAyPqa84vPoBxOy1R8rxH7M3ouDLdvX2FZcO9Yz0pfBQMllnuuqgxMqHjBGYJQ&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:32 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A801 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A801 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 12:37:32 GMT
URLUtil.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_88_0_0/ Frame 25D8 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_88_0_0/URLUtil.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2022 13:00:33 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
etag
W/"5ac70b83663a79f3a383c3a53f62eafd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=544142
accept-ranges
bytes
content-length
1947
x-amz-cf-id
aKwgjxtteGTxc1Zgz0crzdNb9lLTTsiFyihM7ycvqoC6ODI0NKHOvg==
IntersectionObserverVisibilityProvider.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_88_0_0/ Frame 25D8 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_88_0_0/IntersectionObserverVisibilityProvider.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:32 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2022 13:00:33 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
etag
W/"e3dd27b7ab9e71c38170980ebbfc1df7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=657226
accept-ranges
bytes
content-length
2957
x-amz-cf-id
4zYU3STj0tQIuHjvf7uNsmYf_rVvbRN7Eiy9x2uOVm0NLyMdXgANxw==
BillboardSidekick__Statisch%20resize.jpeg
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame 25D8 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/BillboardSidekick__Statisch%20resize.jpeg
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
83b4a420cf94c962d797a6000639c2cf8bcfeaa534b63f27771460391b37bb6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
58OtsX5sKMm4pA1aW4U1QkgI0JE1omV1
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
x-amz-request-id
E55ZD8WHF5373YSD
etag
"b59d181b436cba0597b7a3606a40df56"
content-type
image/jpeg
access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:33 GMT
accept-ranges
bytes
content-length
20806
x-amz-id-2
poxlKXOsCrQpQg3oJCzNwg8aJ3cja2elMiKbX1Pl5WAZCAhWoL5a8z0V0Lmz2uaqh4DHavTp4O8=
expires
Mon, 31 Dec 2035 00:00:00 GMT
css
fonts.googleapis.com/ Frame D2E8 		2 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:43:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 20 Sep 2022 12:37:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Sep 2022 12:37:32 GMT
skeleton.js
static.adsafeprotected.com/ Frame 25D8
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1153208/65390207/skeleton.js?adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F860dff5b4d018cfeae73308b2dbecff0.safeframe.g...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
age
18743970
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
H3t2i4gpRGOykbTsbHZepwmKjuQLYWHNOprpo0nEIKex7HRcWJJHpQ==

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 353D 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
10987379
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
pY9CqnlOVya9dQ7KX-nzaQofV7UbwJt7hm0qUhAu4_PwpqEAtpCjwg==
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2q8J,pingTime:-8,time:532,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,slTimes:%7Bi:0,o:532,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:528,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:531%7D&br=c
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 8DCF 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
10987379
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
wN2BuPJdxYvy5eAzHK24jV0OxsAK_xSv06ohJct2u1YQWN8GxZ3nhw==
mon
pixel.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=1008835467&campId=18181863752&pubId=1&chanId=5855464769&placementId=440928950&dealId=&adsafe_par&impId=ABAjH0jCvM0iH5WXJ-fLHqajBJOC&bidurl=https://www.walla.co.il/&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7a58748d-e794-4483-d7b4-8f7eb8f76bf6,c:oL2q9g,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c95fbbff-lv6bb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:551,mot:0,app:0,maw:0,fm:thYF2Mk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:562,oid:fefc98ca-38e0-11ed-a4ad-66aa746c43ab,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.78.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2q9h,pingTime:-8,time:563,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:563,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B11~0%5D,as:%5B11~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:thYF2Mk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:563%7D&br=c
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2q9H,pingTime:-3,time:593,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:529%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,slTimes:%7Bi:0,o:593,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:528,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:531%7D&br=c
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2q9J,pingTime:-6,time:594,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,slTimes:%7Bi:0,o:594,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:528,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:531%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2qa0,pingTime:-3,time:608,type:v,im:%7BpBlk:574%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:562%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:608,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.ad2b216a-7bcb-a4b2-5410-9e33870c5c07.73_1153208-65390207%7C1c*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:563%7D&br=c
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2qa1,pingTime:-6,time:609,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:609,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.ad2b216a-7bcb-a4b2-5410-9e33870c5c07.73_1153208-65390207%7C1c*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:563%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F1C1 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Sep 2022 12:37:33 GMT
script.js
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/js/ Frame F1C1 		2 KB
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1479915f8fff437c7067a539d53b3a1843c8de7b5044192dd582273c7f79a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
741
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:40 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0F89 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Sep 2022 12:37:33 GMT
script.js
s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/js/ Frame 0F89 		2 KB
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
365cb784422a909ee7de9f0633b0c84263fd65c0565354ca69159b64ede3d8c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 08:00:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
743
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 08:00:06 GMT
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2qae,pingTime:-2,time:625,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:268,bdZ:505,beA:805,beZ:807,mfA:1295,cmA:1297,inA:1297,inZ:1303,prA:1303,prZ:1325,si:1335,poA:1338,poZ:1358,cmZ:1358,mfZ:1358,loA:1398,loZ:1402,ltA:1429,ltZ:1429,mdA:808,mdZ:876%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.254,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:529%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,slTimes:%7Bi:0,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:528,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B130~0%5D,as:%5B130~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.7a58748d-e794-4483-d7b4-8f7eb8f76bf6.40_10933%7C1c*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:531,sinceFw:90,readyFired:true%7D&br=c
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2qai,pingTime:-2,time:626,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:808,beZ:810,mfA:1359,cmA:1359,inA:1359,inZ:1361,prA:1361,prZ:1367,si:1370,poA:1371,bl:1382,poZ:1382,cmZ:1382,mfZ:1382,loA:1417,loZ:1420,ltA:1434,ltZ:1434,mdA:808,mdZ:876,idA:1382,idZ:1421%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.254,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:562%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:626,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.ad2b216a-7bcb-a4b2-5410-9e33870c5c07.73_1153208-65390207%7C1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:563,sinceFw:63,readyFired:true%7D&br=c
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
cm.g.doubleclick.net/ Frame A07C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJc5PeGVuIViLx-rfl536tk&google_cver=1&google_push=AZmPxg9_qIHcDoq5X2Jwly5TAVnC3WjBldS9Sp08_6lKmSttYZvvvoJ81nHKNTTTuDMDu_KxmNn5NfVaCwtpECWD...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg9_qIHcDoq5X2Jwly5TAVnC3WjBldS9Sp08_6lKmSttYZvvvoJ81nHKNTTTuDMDu_KxmNn5NfVaCwtpECWD6tZ5y65R_T4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg9_qIHcDoq5X2Jwly5TAVnC3WjBldS9Sp08_6lKmSttYZvvvoJ81nHKNTTTuDMDu_KxmNn5NfVaCwtpECWD6tZ5y65R_T4
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 20 Sep 2022 12:37:33 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg9_qIHcDoq5X2Jwly5TAVnC3WjBldS9Sp08_6lKmSttYZvvvoJ81nHKNTTTuDMDu_KxmNn5NfVaCwtpECWD6tZ5y65R_T4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Sep 2022 12:37:32 GMT
i.match
s.tribalfusion.com/z/ Frame A07C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBr4lk8LkjC7hJKsR569HDo&google_cver=1&google_push=AZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA&re...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBr4lk8LkjC7hJKsR569HDo&google_cver=1&google_push=AZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA&...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBr4lk8LkjC7hJKsR569HDo&google_cver=1&google_push=AZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74da9cf30d9cbb61-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1532
cf-ray
74da9cf1cb2dbb61-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBr4lk8LkjC7hJKsR569HDo&google_cver=1&google_push=AZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8AEfJzS2I5BNrTmyMzHbJTIHZXMwWK34ai3J6U90RnrFGQcS1ZMRoWXpHH6kH2o0Xhsrs-Z8Wh1lWde_7MK-ICliIjxA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A07C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOONSTMohJWUhkhBwPijwgw&google_cver=1&google_push=AZmPxg-s0xQxT7hPjkSB6zCKTA8slH5u4OUc-AZOjxO5wLnMOtCxMBKdKZokG-8uX9GXj8VaMtC77cm9w21kSa...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MDI0NzQ0MjM3Mjc0OA%3D%3D&google_push=AZmPxg-s0xQxT7hPjkSB6zCKTA8slH5u4OUc-AZOjxO5wLnMOtCxMBKdKZokG-8uX9GXj8VaMtC77cm9w21kSaFkSL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MDI0NzQ0MjM3Mjc0OA%3D%3D&google_push=AZmPxg-s0xQxT7hPjkSB6zCKTA8slH5u4OUc-AZOjxO5wLnMOtCxMBKdKZokG-8uX9GXj8VaMtC77cm9w21kSaFkSLkjv850SPo
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MDI0NzQ0MjM3Mjc0OA%3D%3D&google_push=AZmPxg-s0xQxT7hPjkSB6zCKTA8slH5u4OUc-AZOjxO5wLnMOtCxMBKdKZokG-8uX9GXj8VaMtC77cm9w21kSaFkSLkjv850SPo
Date
Tue, 20 Sep 2022 12:37:33 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A07C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA6nuKaHNZTk_m3FuWf065Y&google_cver=1&google_push=AZmPxg-2XkMlqVXJt0dbgo1GYadjKcYKTgDQwSrs-O6SirrB7YHgsjTW2F4CjhMBbUzfY5qXjRiegSF2_5bKCKvMNL2g7Gp...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-2XkMlqVXJt0dbgo1GYadjKcYKTgDQwSrs-O6SirrB7YHgsjTW2F4CjhMBbUzfY5qXjRiegSF2_5bKCKvMNL2g7GpG-rM&google_hm=MzU0MDI2MTczMTMzOTM3OTQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-2XkMlqVXJt0dbgo1GYadjKcYKTgDQwSrs-O6SirrB7YHgsjTW2F4CjhMBbUzfY5qXjRiegSF2_5bKCKvMNL2g7GpG-rM&google_hm=MzU0MDI2MTczMTMzOTM3OTQ0Nw%3D%3D
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Sep 2022 12:37:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-2XkMlqVXJt0dbgo1GYadjKcYKTgDQwSrs-O6SirrB7YHgsjTW2F4CjhMBbUzfY5qXjRiegSF2_5bKCKvMNL2g7GpG-rM&google_hm=MzU0MDI2MTczMTMzOTM3OTQ0Nw%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame A07C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELIE3KIgcefMqfNGTZenT5c&google_cver=1&google_push=AZmPxg9bYRp7ZERv6tpcHNZEUXLFk7p-vwSi9k32j5erbCdAVrpi9GuXGG0Olda44bdHberfoQ01Vzmr...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg9bYRp7ZERv6tpcHNZEUXLFk7p-vwSi9k32j5erbCdAVrpi9GuXGG0Olda44bdHberfoQ01Vz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg9bYRp7ZERv6tpcHNZEUXLFk7p-vwSi9k32j5erbCdAVrpi9GuXGG0Olda44bdHberfoQ01Vzmr0B47Dy7tnDv28CaeRvk
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg9bYRp7ZERv6tpcHNZEUXLFk7p-vwSi9k32j5erbCdAVrpi9GuXGG0Olda44bdHberfoQ01Vzmr0B47Dy7tnDv28CaeRvk
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame A07C 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGQp1giWtf7kC3pxuompMQs&google_cver=1&google_push=AZmPxg-rZ6W9I-O6m3Ln9NzyiP88-mMi7J6quoyoCPt_SvccC6dxnbnQXcn2pIX1HSEtCpHcOHvqNS6V42xeZjrJW_yN7jcTuzU
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:32 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
j4v475uqll5jnittpqrnhp72uod0dqs8
um
sync.teads.tv/ Frame A07C 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKzHrA9Pet0jzox43bXANog&google_cver=1&google_push=AZmPxg8IQJtB6dik4BDAQAaFBACjfYzsAstO0WYxB7V1uz3vmlg5D6g5JltYblEnysEYkQAYGiLSYt41aj8NTZWdErxTC8bg8KJf
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 20 Sep 2022 12:37:33 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame A07C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeY-VkufwwbT3U0eeyW2FNOSGQaVmCuVcT9LyGpEerxI3ErjUvOmTahBFdqTpi81Lft5kVXQ
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ Frame D2E8 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:26:35 GMT
x-content-type-options
nosniff
age
493858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:26:35 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9780 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
214
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:33:59 GMT
expires
Wed, 20 Sep 2023 12:33:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A3BD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
214
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:33:59 GMT
expires
Wed, 20 Sep 2023 12:33:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6704 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BHcznC7QpY--GNsOV3gPYxZWACwAAAAA4AeAEAg
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame D442 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECg8_rLWkszCKLkZfgRCWss&google_cver=1&google_push=AZmPxg-Sb9pnELYPAiTxj_n7D-IuiSM6q54vPVsOMu7YLZJPOI2yybSg0CM-UnKkGcowHJflsQ0N_VTBLrkfajDab-GPF5Le1HE02Q
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame D442
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH66xgc1-KIxZTrCuZBzg_Q&google_cver=1&google_push=AZmPxg_hPvRzaB5-9QPzSHvdrsvPTSgN_MP9Wi73B4xG31HAfkR5J-IJQoaDYFjmHurraunhuJqV60WvvzbG3t9b...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg_hPvRzaB5-9QPzSHvdrsvPTSgN_MP9Wi73B4xG31HAfkR5J-IJQoaDYFjmHurraunhuJqV60WvvzbG3t9b6NEjruGe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg_hPvRzaB5-9QPzSHvdrsvPTSgN_MP9Wi73B4xG31HAfkR5J-IJQoaDYFjmHurraunhuJqV60WvvzbG3t9b6NEjruGeaPvi
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 20 Sep 2022 12:37:33 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg_hPvRzaB5-9QPzSHvdrsvPTSgN_MP9Wi73B4xG31HAfkR5J-IJQoaDYFjmHurraunhuJqV60WvvzbG3t9b6NEjruGeaPvi
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Sep 2022 12:37:32 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame D442 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDPI609iF1I17C5e3UeYJ_A&google_cver=1&google_push=AZmPxg8CVyKfqNqQIF4Quo5if9waKb85TcvCLjqA3OwLIN0MoCeeo7qIqXuglbXp7sQ7SSH45CQVYAo8ce7v5szhrx1_N0NdfEGuNw
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663677453.146915,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-fra19128-FRA
pixel
cm.g.doubleclick.net/ Frame D442
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECHnYw4Pvyl9w0ZwT0ui8Sc&google_cver=1&google_push=AZmPxg-IGq0p9fp5KZF3KK-6-3QL8faOfRtUQK_1b3SKcU0T8Laz6hPK7-LubF21m-nhDOEJmzKdeRRPXXUpWoLt7T8Jd5JZv4VLbw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30805A5E815B43ECABF9F504ED92B27B&google_push=AZmPxg-IGq0p9fp5KZF3KK-6-3QL8faOfRtUQK_1b3SKcU0T8Laz6hPK7-LubF21m-nhDOEJmzKdeRRPXXUpWoL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30805A5E815B43ECABF9F504ED92B27B&google_push=AZmPxg-IGq0p9fp5KZF3KK-6-3QL8faOfRtUQK_1b3SKcU0T8Laz6hPK7-LubF21m-nhDOEJmzKdeRRPXXUpWoLt7T8Jd5JZv4VLbw
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30805A5E815B43ECABF9F504ED92B27B&google_push=AZmPxg-IGq0p9fp5KZF3KK-6-3QL8faOfRtUQK_1b3SKcU0T8Laz6hPK7-LubF21m-nhDOEJmzKdeRRPXXUpWoLt7T8Jd5JZv4VLbw
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 19 Sep 2022 12:37:33 GMT
pixel
cm.g.doubleclick.net/ Frame D442
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhH6-6W_lGjG0vdCcyoyms&google_cver=1&google_push=AZmPxg-3LUdUnI5FXh5niZ5olbclRIhWfclFqCLJU2Lbq-65UFk_euRoOnw9XkQRXl9E21J_eDpoOlT6FzBNj96mP-pytUP...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-3LUdUnI5FXh5niZ5olbclRIhWfclFqCLJU2Lbq-65UFk_euRoOnw9XkQRXl9E21J_eDpoOlT6FzBNj96mP-pytUPJIpgxSQ&google_hm=MzU0MDI2MTczMTMzOTM3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-3LUdUnI5FXh5niZ5olbclRIhWfclFqCLJU2Lbq-65UFk_euRoOnw9XkQRXl9E21J_eDpoOlT6FzBNj96mP-pytUPJIpgxSQ&google_hm=MzU0MDI2MTczMTMzOTM3OTQ0Nw%3D%3D
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Sep 2022 12:37:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-3LUdUnI5FXh5niZ5olbclRIhWfclFqCLJU2Lbq-65UFk_euRoOnw9XkQRXl9E21J_eDpoOlT6FzBNj96mP-pytUPJIpgxSQ&google_hm=MzU0MDI2MTczMTMzOTM3OTQ0Nw%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame D442
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEE-k0F6wqaSGoWnpGawnt5A&google_cver=1&google_push=AZmPxg9dFb18wAoAbBaE-xer8xZdF9oi7O8lm3g52EmYYGs98lzJJJ2zsQ7m9HQMA9yu6y9bsy1KGcZPs3fYVgQV...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9dFb18wAoAbBaE-xer8xZdF9oi7O8lm3g52EmYYGs98lzJJJ2zsQ7m9HQMA9yu6y9bsy1KGcZPs3fYVgQVLpnkpPnPuns9aw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9dFb18wAoAbBaE-xer8xZdF9oi7O8lm3g52EmYYGs98lzJJJ2zsQ7m9HQMA9yu6y9bsy1KGcZPs3fYVgQVLpnkpPnPuns9aw
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Sep 2022 12:37:33 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9dFb18wAoAbBaE-xer8xZdF9oi7O8lm3g52EmYYGs98lzJJJ2zsQ7m9HQMA9yu6y9bsy1KGcZPs3fYVgQVLpnkpPnPuns9aw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
TRxSovwN8BJwKjaqwFGxyzOlf117THx9MSjvxWVYRqgxFN142PjnGQ==
pixel
cm.g.doubleclick.net/ Frame D442
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAcEhMqLXXIftd05mSw8MRA&google_cver=1&google_push=AZmPxg-p6YK0DBEv0nG90U9unzrsEhSrmZFLKqZLPX7SPm3bacESmHAAnUUQJjED7FsMHDeK3gEsOm4sqFY7fiHBfwAD0mG_Tv...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg-p6YK0DBEv0nG90U9unzrsEhSrmZFLKqZLPX7SPm3bacESmHAA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg-p6YK0DBEv0nG90U9unzrsEhSrmZFLKqZLPX7SPm3bacESmHAAnUUQJjED7FsMHDeK3gEsOm4sqFY7fiHBfwAD0mG_TvIrmg
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMDkxMTAwMTQxNzU1NjIxMzc2MA%3D%3D&google_push=AZmPxg-p6YK0DBEv0nG90U9unzrsEhSrmZFLKqZLPX7SPm3bacESmHAAnUUQJjED7FsMHDeK3gEsOm4sqFY7fiHBfwAD0mG_TvIrmg
date
Tue, 20 Sep 2022 12:37:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame D442 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JriAC9Uwg5KAb2SxoYhDG_FKDM6Vg7VW3PoWK_aRLOJfjzTV4dCrRWLStgrJl5e_d__7i1
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ Frame D2E8 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:28:45 GMT
x-content-type-options
nosniff
age
493728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:28:45 GMT
pixel
cm.g.doubleclick.net/ Frame 2B04
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH66xgc1-KIxZTrCuZBzg_Q&google_cver=1&google_push=AZmPxg811sdfbTW280zvRS5F9mJXtxnGiTOqehWWwacmIw8DCJoU-iabaQWwEN69RqpOCtX-8eI_lQO5QrIiT-rX...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg811sdfbTW280zvRS5F9mJXtxnGiTOqehWWwacmIw8DCJoU-iabaQWwEN69RqpOCtX-8eI_lQO5QrIiT-rXvPWkSIhJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg811sdfbTW280zvRS5F9mJXtxnGiTOqehWWwacmIw8DCJoU-iabaQWwEN69RqpOCtX-8eI_lQO5QrIiT-rXvPWkSIhJuj-zjw
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 20 Sep 2022 12:37:33 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aNBjKbQMSACh3DlDoIASqQ&google_push=AZmPxg811sdfbTW280zvRS5F9mJXtxnGiTOqehWWwacmIw8DCJoU-iabaQWwEN69RqpOCtX-8eI_lQO5QrIiT-rXvPWkSIhJuj-zjw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Sep 2022 12:37:32 GMT
google
match.adsrvr.org/track/cmf/ Frame 2B04 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIXqBJpQLU60oXz0rPXn2YQ&google_cver=1&google_push=AZmPxg-NYTPjARnVY0JgbZJj6mpJTsJ3q48TAdMW0BuvD2Ug-kqaPW7RLvr45fKBK6FTSELc-JcviVl6VDoKDNkUUJt0XosiT_uimw
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2B04
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECbVRDjzmOegUva2O1SGhcc&google_cver=1&google_push=AZmPxg_r74K4LoplksguD3Slg1Up1xCjzXp3ARpgxZKoaw_fTYMi-DlU6FXNqSEBJWE_gx-cyKPv4qmoxAs1hixJ7nw9...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECbVRDjzmOegUva2O1SGhcc&google_cver=1&google_push=AZmPxg_r74K4LoplksguD3Slg1Up1xCjzXp3ARpgxZKoaw_fTYMi-DlU6FXNqSEBJWE_gx-cyKPv4qmoxAs1hi...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=2c0cad57-818b-415f-a59c-7ba35dc0bf18&ssp=google&expires=30&user_group=5&bsw_param=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_r74K4LoplksguD3Slg1Up1xCjzXp3ARpgxZKoaw_fTYMi-DlU6FXNqSEBJWE_gx-cyKPv4qmoxAs1hixJ7nw9pqk3piTd_g&google_hm=S01A7jt7RcuN1PY7WjHmpQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_r74K4LoplksguD3Slg1Up1xCjzXp3ARpgxZKoaw_fTYMi-DlU6FXNqSEBJWE_gx-cyKPv4qmoxAs1hixJ7nw9pqk3piTd_g&google_hm=S01A7jt7RcuN1PY7WjHmpQ==
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_r74K4LoplksguD3Slg1Up1xCjzXp3ARpgxZKoaw_fTYMi-DlU6FXNqSEBJWE_gx-cyKPv4qmoxAs1hixJ7nw9pqk3piTd_g&google_hm=S01A7jt7RcuN1PY7WjHmpQ==
Date
Tue, 20 Sep 2022 12:37:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2B04
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBIfaVhLsLL7i8RrMPTvidQ&google_cver=1&google_push=AZmPxg_cATO6bBZRKomU29MuCEfFr7epu1zOYH1J5GdgWzuUlonZBrKtOBZJrHgBgYVTFMwBaU8nWuPp...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg_cATO6bBZRKomU29MuCEfFr7epu1zOYH1J5GdgWzuUlonZBrKtOBZJrHgBgYVTFMwBaU8nWu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg_cATO6bBZRKomU29MuCEfFr7epu1zOYH1J5GdgWzuUlonZBrKtOBZJrHgBgYVTFMwBaU8nWuPpuFCuqG-RMrnZPorosZcQ
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzQ3MTM4MDEwNTQ5MDg0Ng&google_push=AZmPxg_cATO6bBZRKomU29MuCEfFr7epu1zOYH1J5GdgWzuUlonZBrKtOBZJrHgBgYVTFMwBaU8nWuPpuFCuqG-RMrnZPorosZcQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 2B04 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOALd0y0KWJD6ULeeuBjiw0&google_cver=1&google_push=AZmPxg878ZKlT4hkFjZoSWei-WoxMGGD_jJpm4SQjbnvvdkMeFxgxVOn4vh4Fym5gvVLV_0nNFUyDYX9K-B7uQGMfIA4nF8TQx97uA
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2B04
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEE-k0F6wqaSGoWnpGawnt5A&google_cver=1&google_push=AZmPxg-y8qE8UQ5OB-ErQ_asj9pZEDW_wkhhDzgr_ERTUlzdruHf-cZ9x4Pa0E1SvevZRQAJRFIlEtrhlJRs3b6Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-y8qE8UQ5OB-ErQ_asj9pZEDW_wkhhDzgr_ERTUlzdruHf-cZ9x4Pa0E1SvevZRQAJRFIlEtrhlJRs3b6YZctVcZu7RzO19Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-y8qE8UQ5OB-ErQ_asj9pZEDW_wkhhDzgr_ERTUlzdruHf-cZ9x4Pa0E1SvevZRQAJRFIlEtrhlJRs3b6YZctVcZu7RzO19Q
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Sep 2022 12:37:33 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-y8qE8UQ5OB-ErQ_asj9pZEDW_wkhhDzgr_ERTUlzdruHf-cZ9x4Pa0E1SvevZRQAJRFIlEtrhlJRs3b6YZctVcZu7RzO19Q
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
KCE8nCzyRjjFy8lnYIK2NvqL5NWKTNfxtAQYxSxWagu6gR1e4pTbgQ==
pixel
cm.g.doubleclick.net/ Frame 2B04
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg958aafnKXgHlCA9CueCiXHQIcneD7tuKWtTc7Biy92H3SP-mS3n2eB65kGaJCg9Wjp_Ux_p0BQOM6MLU6yXKITSJ88bCIi3A&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-bee31c62-dc91-4d2c-8bfc-85facf3a2655-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg958aafnKXgHlCA9CueC...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg958aafnKXgHlCA9CueCiXHQIcneD7tuKWtTc7Biy92H3SP-mS3n2eB65kGaJCg9Wjp_Ux_p0BQOM6MLU6yXKITSJ88bCIi3A&google_hm=A77jHGLckU0si_yF-s86JlU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg958aafnKXgHlCA9CueCiXHQIcneD7tuKWtTc7Biy92H3SP-mS3n2eB65kGaJCg9Wjp_Ux_p0BQOM6MLU6yXKITSJ88bCIi3A&google_hm=A77jHGLckU0si_yF-s86JlU
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg958aafnKXgHlCA9CueCiXHQIcneD7tuKWtTc7Biy92H3SP-mS3n2eB65kGaJCg9Wjp_Ux_p0BQOM6MLU6yXKITSJ88bCIi3A&google_hm=A77jHGLckU0si_yF-s86JlU
date
Tue, 20 Sep 2022 12:37:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXbee31c62dc914d2c8bfc85facf3a2655003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 2B04 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbpKj0wvm46haW31dtYBkyq1kXeSpubSycIQi9TbqqTM-vxdt0aAdTsUbg0VcS-drpxImk
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
evt
lm.serving-sys.com/lm/ Frame 25D8 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.61.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-61-30.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
Serving
bs.serving-sys.com/ Frame 25D8 		24 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=4242448734143770692&ai=1088124994&usercookie=u2=61de99ad-c6f4-4978-b243-8eeb866508fb&oo=0&clsrc=2&clbv=_2_221_3_0&gdprpurposes=1023&dg=1077265968&sdg=1078198639&ctick=321&ord=0.586564868480616
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.79.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-79-58.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
cache-control
private
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
content-length
24
expires
Sun, 05-Jun-2005 22:00:00 GMT
B28425291.344491547;dc_pre=CKat-7yxo_oCFbiH_Qcdy1YJpw;dc_trk_aid=536202816;dc_trk_cid=176757874;ord=3156740654191517810;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdp...
ad.doubleclick.net/ddm/trackimp/N1355190.2621703MSTUDIOGMBHINV./ Frame 25D8
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703MSTUDIOGMBHINV./B28425291.344491547;dc_trk_aid=536202816;dc_trk_cid=176757874;ord=3156740654191517810;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703MSTUDIOGMBHINV./B28425291.344491547;dc_pre=CKat-7yxo_oCFbiH_Qcdy1YJpw;dc_trk_aid=536202816;dc_trk_cid=176757874;ord=3156740654191517810;dc_la...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703MSTUDIOGMBHINV./B28425291.344491547;dc_pre=CKat-7yxo_oCFbiH_Qcdy1YJpw;dc_trk_aid=536202816;dc_trk_cid=176757874;ord=3156740654191517810;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f102.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703MSTUDIOGMBHINV./B28425291.344491547;dc_pre=CKat-7yxo_oCFbiH_Qcdy1YJpw;dc_trk_aid=536202816;dc_trk_cid=176757874;ord=3156740654191517810;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6704 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNJRgO9h8W-PWye9Sm_1fSfTgAAldtsYErMx3RWDp09l8PPvghvoFxgsUELO6YALhqFXEANamKrsrFdoRGYB7gb5iSB6Nm_o-d2T2Q7fxQiIfzOPz0AsVh3sAPWMGDWY9yhOuGy-0GUwca9CA1XhuZlZ4redctJtNJbiPIHQD-moh4rdIoaEWQiqrnVN4DPoAkZmiBLF3DFNa0QY6NCbsTHuO_AnlGWEEIOrBgnanMJz8eibZVmm2du_NTNrDrgZU2YM9q8QwFbevj-uwHk5r_wGptCOT1_MqWhxqprAjCc_qB4sNpQ92kFsSqMcwrXm-x3xoQBUBOuLiUn-ulmUTBNWVXBvfwnTRVp_1y-BipXjJC8znzJn0zt3Nixn-jg2FVO8vtu28bTKTpbELP8L1EWA69NjRsOJCiMXvml6OmVm_Y2-AKwEnNmW66KtxD3WpNvkrFBdGkxQFEAAnHuc10skqqpS3rnYSdBaIY7bpIzX2axjQWBX4rjAIbdEdfm1lHkgoZjuABKUM6BdIvWrhe6FoVesc8OVR-BcPNaE7FYTKCnAZMXxxh_hHjbku0d8symbE8hndvSPTKvVaEnNG7vXPk6B_l8-bxZdtj6dtGUuPC4FALrnuXGSMOWPYEQNrmQFWJb30fbP0oWcmn8dSs4mmqmP2BrgWRP7bxXUDw1YXPZ9wpfBSHUbBsiEaY0OPOjEpQQOBbiCXnYh4Gn_2Be4rUDxp3fPZyef5ocS3b-iYXD3Fa5LKt4ZoTgPmbGRz_0hsRfTlaBHAEKs23ua2nC-R_jN6ZnQ2XNw92CYq4wHSlex46QXSsNeUMwsOCVADCT6GlZXql7y4l2ca0iy3QIEhdV35OPP1d_8kc2zaj3Cv6BGeZt21LFmLxFL3EwVvTN4mKWNMIi7BX2dy5vVtHKLeM60jtWAPDyVuFPMLSlJ92pboUN5PEKTkv7lRPT2H5Cf8lmC6EjVhtXdCwmudqvjTHMKS2FB3Sck40P8AY-jVxyIHO9s3A6Vu2ZvF_rWr6L5_EuGRw6Imbvtdq_J4X9wADwDr2IFuHd8LfFw1IE1BvMHL7efDmorBFk-ahR_aPPmH5g8uvfmy3uXhuO_5vmGixWqU4aq2ncADGIe7widnaE_2asSnLzhU00NVFu4Xt2HcDt3FW1wJq1GPbFMdQsWKFPPoF09RQrRk9xOTgWH0sJJ0ckMkaM3PiNf6B4NuqiMGQCpzJkk_vt_bV44n9&sai=AMfl-YTsfnT13HXnZxH4mwKBFJ0vmMI9TRYtp-YaGaxNPaZwOXLZp_v-vDM0RNRk0u_TrxaD0zsEKY9Yq5yBtt5-mVuElwdCaH9L1GIqIrDtbXGYrqZMGZy3S8ypfkRGnDM1gcpLeozBjcd0Rw9jso-FjljRJm10DMajXesfwY4qBfsewMNCVcqEHl6922s2bOeUcJwDlXBgvPjBYVRp7sZ7_HCWLPQpE9KHCkU-16H-f7SIEYWRnPuNKODNcnWQqHDDrPJZ0w&sig=Cg0ArKJSzIWZCLB3PgzCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1116&vt=11&dtpt=738&dett=3&cstd=373&cisv=r20220915.25007&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
pagead2.googlesyndication.com/bg/ Frame 76A6 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16029
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 10:42:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 60C5 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDrUhJlSRAFDqbX9mPR8D96wj8zFc7GXzdyrpYFPam9W8b-7SY4HDDmvum8q-dQh8Sq3s8ufoLq1t-7AXz65GId4XSCpbHmmf4nZIQ6DdXiV-xEPVu4uc_avELspKM_gDijfbT5iaHl6ikkdNqF2thq2QsOIx-9SrCa_pVPjHoEaIaQe1aAl0_ratcm2PYU7Ixb3MwK7TJ6_BvkymCBYEBdKcrp4fPzsZcgwTF4TNT73N4zhoM_G83JeSeXQtmIqYNLFYvvgpAGzOWpZkfZ7VYhn3o8JedoVG3ECkSYgRM8KMZHVwdPJMMIp0mpqXYPm4talfQ1ObX3F9KgB6mSls9RBuj8x8EQnuXUMcxt8YIalagB4Ld5V0jYTVGPDsBtu3i2UQcT5M0MdderCvmjKahoh8rVcUOjHXv1W-I0ABpmV-bGkFBIIObVE0Ya9qbeR5ef1lsv6XZIP99RkyTIG0-rUtELug5Y_JZF2FKsDLgB_1vNl8lhdcKJWc6kYNZcwKf6FCzEzkPXXKkKaC0WrTVZy6E1GJtpWck0868oD0-3fjCTvIVo6L9_yHvsT6Ib6L0C1innpo7Y6sXczbd2EkDlG6FvFMokMYfyfN_HkK82tqhCJFUIvNpY9giFsN5dIgA7zS6IvP_o80hk66fbcO_cMltv9P2Fon7D6yc548lExXcV5vbGWXBft1pjgaDN0qF_3jaaCjk13C4siQ0LPgugbzsjJePZyOr22yTSlBHIFcfRZVilJUNyJNLjPucD0j3hCgVlN4o7ZqxTrlnKRQLhz4KBhFPQCg6A0Y4bKVTUg2nQK6UvQPWOq_A9EMbna1eVAfaTc63EHCAaJiOGNKHtCu5n1WtmMRlIsk6uI38dEZFQxIoRfeFNEGQh_ihiGs82wCicSLUC1F7M2k1zihn6G0X7-xSEyD8-0oUcJ2BEMBk0aNitFCUW17noO0vHe4jwU0GJ2Fz_c-Cj_e0hs8k0DTV1vfZMXnIX2ftcmgQNj0jlkqHkP4JLd57kEW434hasFcKshvTyPr87V8ewN2b3l09vaW_zs_YPg9HbZSZudvzUO3v3wJCRF86i99iXko98qWDn2QQDE_A5PJP6-93xzOh3QuEe51QPymXMFsayPQbJa89qJe_93sZ9e1rsTKOHPMDgNQmaH0uBmTCMw0LePpk4tSZ66Z09n6mHPjY599weREx21B_rouXc2TiuSjgzjCr8NtWGb6icgBpjW7qIXlHqQ&sai=AMfl-YQWNB3s-pSL9yyKJSQO_1na_xZPL4uo1rls5TbCmskK4uHT231cjPR5hg0DP1aekV-JAsY8boWgXxKa5UC-jwPMwHvfGdG2QQQLZ0ccYPNYSUDDKjRn8LkG333Bxnar18MDltuQnCuKO8C6qHAA920kt8azISV9trArkWn550vTA6Fox3TSV-tkCZFJmgQvqp3bm4zXgEhTbd30LFj5vpSUthcuuLHGtnzRO5ajTF3VHdP93xOXpgPIV4VwbM1V8PzpJg&sig=Cg0ArKJSzB9ql7TPbcBfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1057&vt=11&dtpt=703&dett=3&cstd=350&cisv=r20220915.45018&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
txt1@2x.png
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/ Frame F1C1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/txt1@2x.png
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ab9cfc1454c8ed12e08db7e966428e7bce017476e43efd08d1f397f8f10f76f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:40 GMT
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2121
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:40 GMT
logo.svg
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/ Frame F1C1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/logo.svg
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:40 GMT
bg1@2x.jpg
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/ Frame F1C1 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/bg1@2x.jpg
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b619a47183355bd1a79d2735f24ac8d4be95c5751ae2d5aee9725185970a1824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:40 GMT
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77362
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4DA8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc2siKEB4PsVvXLIkVgt0wapDdVWvqP1Qwbav6zH-ZLIckCAhi4o9iESUHFwKY8Poug7its_mf1SlT54WBuCUhtiI&sig=Cg0ArKJSzK7J1YLlfmq3EAE&cid=CAASF-Ro-Wf9-GFXd11JGCaOSfuUz7ONLR5z&id=lidar2&mcvt=1053&p=1035,199,1235,499&mtos=0,1053,1053,1053,1053&tos=0,1053,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&vu=1&app=0&itpl=20&adk=2822717126&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663677451594&rpt=514&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
pagead2.googlesyndication.com/bg/ Frame 9780 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16029
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 10:42:06 GMT
IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
pagead2.googlesyndication.com/bg/ Frame A3BD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16029
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 10:42:06 GMT
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2qhJ,pingTime:-10,time:1090,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663677453458%7C%7Ca39f832b8ebdb39394c7719304e7c046%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C2c8f96fbc78ee19ba0f7f2d145a44326%7C%7Ccfe1836ce201e789a8b5a369a0c8eedc%7C%7C6bdea41999140fca7ad162b7902a4343%7C%7C2c6aaafb338f5fc4447f93f98f78c5d1%7C%7C3c91578617be73b10f238de33b53edae%7C%7C1629390669,im:%7Bimprf:%7Bttecl:1378,ecd:164,tsecr:146%7D%7D%7D
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 25D8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVR9OGzOZiaVh9zFSMnyLkQcMOTtkCG89gQjPPpoG9J8coW1Ou-QfGtBVQl2mGncD0cbCUSp13csWwWTwGsTx95eqVFCLSCOTqPqSO62aKLkGPQ19B56sX6fVtwhxHW1LqwSocCA&sai=AMfl-YR1bdpgV1nAN8mUBIV6jvizhVv0hGjbD14Zi27DWQ-87WNu0Pt-8mP45wp1kV-j4iOIUpxkvo05d_ggX20hfJdTf2vtNzrwS9wSFG5HcImdVvUcsAk6UbitdiFW&sig=Cg0ArKJSzNoAK-oK2AwkEAE&cid=CAASJeRoK803eUsqf8hFjh2-DQlcMZxvRGXejiFcUxASyYVyI4gRe2Y&id=lidar2&mcvt=1024&p=20,315,270,1285&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=885339185&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663677451564&rpt=837&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2qiO,pingTime:-10,time:1154,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663677453458%7C%7Ca39f832b8ebdb39394c7719304e7c046%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C2c8f96fbc78ee19ba0f7f2d145a44326%7C%7Ccfe1836ce201e789a8b5a369a0c8eedc%7C%7C6bdea41999140fca7ad162b7902a4343%7C%7C2c6aaafb338f5fc4447f93f98f78c5d1%7C%7C3c91578617be73b10f238de33b53edae%7C%7C1629390669,im:%7BpWait:34,pci:%7Btdr:549%7D%7D,sca:%7Bspg:ad2b216a-7bcb-a4b2-5410-9e33870c5c07%7D%7D
Requested by
Host: 860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
index.html
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame CAEB 		78 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
a026020138b68e933987b97d17fc8737723e05f77ecd00322cb149c3c3ad6761

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
gzip
content-length
19187
content-type
text/html
date
Tue, 20 Sep 2022 12:37:34 GMT
etag
"e3940bd25912ac3176cd3c421ad99e03-df"
expires
Mon, 31 Dec 2035 00:00:00 GMT
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
vary
Accept-Encoding
x-amz-id-2
sSURZi5i+nrmrawgHbOx13+qwNtQe2KvyuCxCe0oOhnUQ8ju2yXk1huOAYehu+37vunvNHUiSrg=
x-amz-request-id
DKBCEGV1EV15RY17
x-amz-version-id
mTFx8HdR0rurGCuKYU0qJaMWnU65pBF_
adServer.bs
bs.serving-sys.com/Serving/ Frame 25D8 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1088124994~~0~~1077265968~~4242448734143770692%5EActualSize~970x250x0x1x0000x0x0x970x250~0~01020~865$$&usercookie=u2=61de99ad-c6f4-4978-b243-8eeb866508fb&rnd=0.5711853515038738&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.79.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-79-58.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2qmd,time:1368,type:e,im:%7Bpci:%7Btdr:588%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,slTimes:%7Bi:0,o:1368,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:528,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B874~0%5D,as:%5B874~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:123,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.7a58748d-e794-4483-d7b4-8f7eb8f76bf6.40_10933%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:531,sis:841%7D&br=c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 6704 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDdNWSR9rVxuvUHKGTgPMY7TMgwQOOVcwUru6hGh2rKlIDlhD7FqE2yEVXbFL2BvqbjdaL2b3Nr8kO1j4J7khwqbOnRf_tRLMGd-kkwGFf3Z6fbIWGbcT0iqzbY3XtNp2c3-BDEg&sai=AMfl-YTgEslD3FXvy4sAfF0sp3bi2nrKNgquT0MmhYJ9TjqKzoUG507bubYXdC8k_kWEsCjbR-x_z-pSmIre-eyCM30AmINqnNdLlEcQyc_U20txgspew_BBQtnOn2M&sig=Cg0ArKJSzF2ZoQ-kfQGsEAE&cid=CAQSOwCsnQUxu2NAjaEoylVtnrJRxDSzGXGT9SCE9FDKilrk8AZ24zKxNoRs1YFisgFitOy2aezu1OLj9mSvGAEgDg&id=lidar2&mcvt=1036&p=451,1439,1051,1599&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663677451651&rpt=993&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 7FA1 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=wFnCK7BJsU4rBnsx_aFvd7Gkh0dHLfiUTc533XwyvEOnvfaQ8ep1g5LqZOEne67AGYbTzx0BIvzYBmcibGr0ehST9QS8JX-5RMrKHd-yn_C4aNGTvP_30QuiTfXHaLHo_dwfvc6S08yOILGYOThAaSlgAEni9ZttmSOgCRK_wm_we6yaRS8H1fk6cMX3YcJHPWoVJyk23OzpE24dzRnf0P3Y13YeC1cZapB03TWl7RQpRHIbjcrl-mGh4TR602Lm04pxAg&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:33 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
gen_204
pagead2.googlesyndication.com/pagead/ Frame 76A6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bkz-3C7QpY82ENvev7_UPl6ugyAcAAAAAOAHgBAI&bg=!np2lndnNAAZqQh0mSkI7ACkAdvg8WrUeYoCIampAVKRU77pJdL9OuxFfrO4cHFuJL1O1EuP7dGfDRAIAAAHcUgAAAANoAQeZAusrG4WKn6xlddPz__Y1CB3Ol7WCOef6VJLSZHjBRiUfuzc2h-HrniQ5MSpGZKwC-HZI5gKE1rB3MXp690O4olDj0Zftn0nQ0UVp_J5usF5HXT30DgiCYIdHbc21HPYE6KYLlHxpv3qpNJGPMUQJr5MQkCcaA2_bG9nhS5TyaSOkzQjRgEb8tfopu-UfYfukAwjjmMThzC99SrzjQNi_n9sCePyWOd-HCIl-Z4rKwt8aWyf3S1dJOowDcTTvZoXH6H1t6vmdd2qCXErBbb_5_CQD1tDs8WwcxEBlju44p7ROHoTQH6hFqCXg9Ralyo64CurFH4rsuiJklSLRPKsGuNQd-_I9xxo8HLo1Ysy5YQccA3SAr08cNdEma8Ro_iqlssS-aMwxVUYABBtbzUPrudOnOr_Y2Y1GHVN1tQFOSCwuYsxvqq1HGrIUfIyc5DaBQDidIIViUJHARWREjHPzwNtoRbxmwYtorvosvWnFxDMDEKtqQB_y-dRYdg1DTUoJxZBYp4aQUfHghVxJzomsBf7TRHNzPRkjqY5YmrTlE0il4b3iivicaaWzPvLa3S60E74thKyvo32-UH94U2bYoOcBQAXleDdFEeebbLQp_PoXule9PyQvXkYdoyYwjOwbQladQTIxAA3Q8-nIyqSnzhTN0oGs3fYlfIJIgl5N31danln3-FCAAGufkEAd_LBUv_NtNv01EfFhAN-witj2IAMGkLlH6vbcI6fgYHuoWDvSNAUFTZql7rK6TJx5Nv4UBN-YZ-Zfbo7KGOmQqaM_N0ZnCnSxe4juBEBGsudqNOqIVP_-D61eHmU5Cq3O5QF1lkzVfmIRRjagxQV17-qzKUleVXVxxsVW-XKuP-O6cBzf95svOyeAxgRR7NC3fH0TSjsFJwEdxO6hFWDAbhTm3jjBYLTGuECMKAaQuwiSmCsjjOjO1mtQUNmv-ZvM5UWGDkPYkqvyFwvt30CthNBx8w3YKmcdVQnMmkm0Miw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9780 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BK6igC7QpY4HnNqfc7_UPlbiswAoAAAAAOAHgBAI&bg=!LS6lLmrNAAZqQh0mSkI7ACkAdvg8WiVcCWcgRu3BT8ZQyNV6m_IFVHyF166eFLk6nd_ErSyV9TrqegIAAAGoUgAAAANoAQeZAum7NCV4L7YEt0ZeeqY31YPrN8c3D68NIZFuUDFMvZTjeWtdjJ2Pp-C-tEhtxmb69AJZI7DVrC5FuGtXDzvN1fRfxEuqBiyCy2oHaTAIOi1VSQcXQSbKsGXLlQ6MjpbklGJrEP6luKOQI99AdMOOeYZvw2I-uIMw166lmQ9FbBvLSXMhImXrh_iuVou9sYd5HdyKDHzTCajICZF6bbUnMieBg66nDyxPrCiI3npK9tnWs8cE5DfS4W9hns_v_2x4TzPaMp5L_XvqHbk4Y-7uD2KVscC1MkdAzNP-pUCMnJzB18JRsiFCYfwmZfr-kUV2tmFihduce1x195ihlP11-Mhi9c_pd574qPgB-4fVQfaH6aox54sOpryCbLeEjzXwZzAc8w1WCf9kBZKEWPRQAJrwGZq9AsFPwmihFvD0z9-bTMGjYwAGUbR4otm5_CoiYecPCiLgRmx65n9W7NlPMzi_AAPy4aarA7l0crjUOlsbZ8ynRfGuCEWOUh77P9wi8aTnskK1gxIgve21rBQ-TrZn6EdMqZukl6MriSrDwC-w1mdMJB879xF9arUvRMecCsU0cf7Z7BDDtha3C-Ny1y0zUmPPyzCgOlXZRIEOXCpuu9Z4y74V-RC-fFGVz9Ou7_OfTQUjwQq31O88AnTuxeoIwNbb9R1LFLrQ-6VMP9l7pGj9MTpZtCpP5-wKe5_q8XG2SoMO-zZc8mvTlpgnBD-SiSp3HJrLSsSFM0G6OjkllP1We6znj3KTFYBf2U9PKfNYs9cKdnXHenDr-UAanENl9YZ_MiSv8gy8pd5C32RJZ9p2GScz4lT3hfunor43X6mbEyjwqRxAR_XRW7ISObe0TZn58iMoHrlpsHvXkp-e8zt8Txrv0AkpT3v2HfxGkk8iIjRYI8QthQNaeFKHqFFteA2nUFoqBMHjE84eUYe6J29JctEI_Su9Kf6Y2clBfXUojfpyt33Gxn0H6aRjFOZP1Z0FGfSrv5n7
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3BD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHcznC7QpY--GNsOV3gPYxZWACwAAAAA4AeAEAg&bg=!39yl3JjNAAZqQh0mSkI7ACkAdvg8WsOT_-FCPrUolpJrBAkhNs9khKiCh2X8mpucZqGHS3goRtRW1gIAAAGUUgAAAANoAQeZAu1fzYX4K9VzwRS1WUrU9FcNtJOQpmMZUq6ATNitUGyttQqUTh-Dz_--s-nYKrs_72h4sSrDdgJ3N4KzfT63mfgbRWIOh1GVWBlmJu_ePrbkr2vyqGK8vIns8nmoZrjB6lEg0CtSQsQoAHr3ZJ1kU3wlbccTd_qgwidY5EoVD3YTRm0xDTwLYZ9seRfFV7Rj2jagDlOndA7GC07P4elU0BgAnuKw6q56rdZx8FB5e0YI58rAxyhDU8f45vgItt1RwiEDrnSERUzXVp0xmo-Nx1yIi0ythI8tJ08asGQvAOfBzf-eRMCi9mjVKEcrYlxnL9Zr2-Ur2RWeSVo6Em0d2zk9kWBtxk3grJz4DYs-PYEXQgEYzvoL5bukTeymo-iOsPYkh3CQPeNpOSj-x1dO7cDHq0nIrAvIxfcafZFiJzDWXlhs_PGMnT9q8B5ddJ0ZXgIWW3qH6PmasiHu08Jn3KTOiPkhOueKsKUoubdJ7Oa3fBpTR1wYfiHFtNP46vL-9LCSKiVypgyiMON0XDJXdgYpUPluKZDH6OWUVlVP2Xg8klIUolQmmVKHpfkJ7Y9iU42sx0V5ovun-wQvooTBJ8xBPwzWWji43R5mTFDTDPkDrigke0xQdLCx3mVU_PvIEvfFn_xZ9z4U-G07jvMlx1lvIFN5TIwteXg970rsKxgrRuZKOzRfydbW7WdvjyeqPVXvRsVwXOoXiAMTwo4csncs3fJKsz7IAwk7MFkg309NqVCV5BmHWgy-nfj9WXYixj6OdCaCWvv72CNOfNMx7SYAqXD4q_k-lcLnveC49O_oxlPdhCwkzA2ECGiefPwDGNUfHiO0NwoVjlyVrM5JC1xJAPirTlwi3diZ632N1j6h223tkFW2zCWkRXgprMXZGQkFKGZQzQjscJtnjB5XDfM78jRIn7gtXCbLfcq1dGMPJ4LrL8ybEBGuFiaXe9IogdIS7S1B-1c3XHLcARzkprdUF26ndlZN0oN_gnmpFg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2qnS,time:1468,type:e,im:%7BpLoad:1294%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1468,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B916~0%5D,as:%5B916~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:127,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.ad2b216a-7bcb-a4b2-5410-9e33870c5c07.73_1153208-65390207%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:563,sis:653%7D&br=c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:33 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 21 Sep 2022 12:37:33 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 21 Sep 2022 12:37:34 GMT
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2qqp,pingTime:0,time:1625,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:562%7D,%7Bpiv:100,vs:i,r:,t:1625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1073~0,0~100%5D,as:%5B1073~970.250%5D%7D%7D,%7Bsl:i,t:1625,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1073~0,0~100%5D,as:%5B1073~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:95,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.ad2b216a-7bcb-a4b2-5410-9e33870c5c07.73_1153208-65390207%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:563,sis:653%7D&br=c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2qqr,pingTime:0,time:1630,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:529%7D,%7Bpiv:100,vs:i,r:,t:1629%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,slTimes:%7Bi:1,o:1629,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:528,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1135~0,0~100%5D,as:%5B1135~970.250%5D%7D%7D,%7Bsl:i,t:1629,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1135~0,0~100%5D,as:%5B1135~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:105,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.7a58748d-e794-4483-d7b4-8f7eb8f76bf6.40_10933%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:531,sis:841%7D&br=c
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enabler.js
s0.2mdn.net/ads/studio/ Frame CAEB 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Sep 2022 12:43:09 GMT
get
odb.outbrain.com/utils/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=10&rand=86994&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=NDJiYzhkYjBkNDlmYTJjNjAzOTJkZDNmOWE1ZWJiNGM=&adblck=false&abwl=false&clss=VQergRY2ac0VbO%2BDkmpp1bSBs4Eb0JVYtGh%2FAbmpVu6JSUgLwF8SPc47gKnzihMCFLbdv24bAwMl23ue&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&em=1&settings=true&recs=true&version=2000897&sig=PXKElT1V&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.190.132 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da57e8ce08f90507c31a3cf3bc3371e8cf1cecd3efd86b5639b1d65cb4f3ebe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, MUC, Europe1
x-timer
S1663677454.150566,VS0,VE115
accept-ranges
bytes
x-served-by
cache-lga21927-LGA, cache-muc13983-MUC
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
8abd3728bb7b518caad0aefca176654f
content-encoding
gzip
content-length
2611
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dffbcc1bb6da81a07cd852656f4afc1d8ffc098080cd31d62bcf273d078622ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 12:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
syncframe
gum.criteo.com/ Frame E073 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:33 GMT
server
Kestrel
server-processing-duration-in-ticks
868220
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
style.css
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/ Frame F1C1 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e3f1ef262e0115dd98da541eb4f9a87a20a5e739694f7552428c3b801ee58d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
417
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:41 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=MlH5LXx3YXp4SW1mblB0VjArMGxXNU93K1cwc1ZENm5SaWRPcGQ2OHNUbG5xWFMrdlRJcjBNbUZlWXREZS8wbUJTMjdicG1YWHNFU05pSm9DajZJcDRFRkd4QThJTEtIVjJkSHBzS0NkL3RvM1dZZWRDWmVOWWhJdEgyVn...
360 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=MlH5LXx3YXp4SW1mblB0VjArMGxXNU93K1cwc1ZENm5SaWRPcGQ2OHNUbG5xWFMrdlRJcjBNbUZlWXREZS8wbUJTMjdicG1YWHNFU05pSm9DajZJcDRFRkd4QThJTEtIVjJkSHBzS0NkL3RvM1dZZWRDWmVOWWhJdEgyVnN3WjB6dVcvNmFMRThJR1E0YWgxN2REM0M2QWxDbFlpQ3JJTk1PRE5jRXdQUmlSLzUzdlBmRWpKNDgyWFFlOTRuSWxCNXVSWmM0N2czWUVrSXEyOVcyRFlBWnQ2bFNBUmdDaVFnd1R3OVdDSnNIdm96UUVGckFhL0NYVnRrUC9FYlNhOSszczRpfA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a7aab5982e91f0230371a967c86f2538c9bcad739b2ce743dbf0f5a9c7053bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:33 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
960467
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=MlH5LXx3YXp4SW1mblB0VjArMGxXNU93K1cwc1ZENm5SaWRPcGQ2OHNUbG5xWFMrdlRJcjBNbUZlWXREZS8wbUJTMjdicG1YWHNFU05pSm9DajZJcDRFRkd4QThJTEtIVjJkSHBzS0NkL3RvM1dZZWRDWmVOWWhJdEgyVnN3WjB6dVcvNmFMRThJR1E0YWgxN2REM0M2QWxDbFlpQ3JJTk1PRE5jRXdQUmlSLzUzdlBmRWpKNDgyWFFlOTRuSWxCNXVSWmM0N2czWUVrSXEyOVcyRFlBWnQ2bFNBUmdDaVFnd1R3OVdDSnNIdm96UUVGckFhL0NYVnRrUC9FYlNhOSszczRpfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
611234
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 20 Sep 2022 12:37:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
465895
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame AD2E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ec911db2ab87570c430bedf2e40f78bfe082b195cc36075f36b1bbcbb45510

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9cf8a9966916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:34 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 84AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663677451078
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
beacon
ap.lijit.com/ Frame 5E05 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13421168
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 20 Sep 2022 12:37:34 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8133 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19603
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 18:04:17 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4CDE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
14627
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 20 Sep 2022 12:37:34 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 157640
X-Served-By
cache-lga21968-LGA, cache-fra19134-FRA
X-Timer
S1663677454.289629,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 2E5A 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 20 Sep 2022 12:37:34 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 6E28 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Sep 2022 12:37:34 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5C1D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
14627
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 20 Sep 2022 12:37:34 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 153824
X-Served-By
cache-lga21968-LGA, cache-fra19173-FRA
X-Timer
S1663677454.289536,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 3556 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Sep 2022 12:37:34 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 0661 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 20 Sep 2022 12:37:34 GMT
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 20 Sep 2022 12:37:34 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
txt2@2x.png
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/ Frame F1C1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/txt2@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fc226fd65f076d381de383a0c0296bb3f0f74ca7c1c5821527d6668f5bba4fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:41 GMT
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2161
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:41 GMT
txt3@2x.png
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/ Frame F1C1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/txt3@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2b8bf705624a3e4cda631b10fa125eed7474244e880955b58062c4f8e4dce37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:41 GMT
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2724
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:41 GMT
logo2.svg
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/ Frame F1C1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/logo2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:41 GMT
bg2@2x.jpg
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/ Frame F1C1 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/bg2@2x.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34fd820d80e1f9f29d98a15178018960904ecb358b4891f59ac7a9fa4a706e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:41 GMT
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:41 GMT
legals@2x.png
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/ Frame F1C1 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/legals@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011433338c235ea3627aac73d240be077565bffd3c27d85c8cc3d0a2ac3fcf45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:41 GMT
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7234
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:41 GMT
disclaimer@2x.png
s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/ Frame F1C1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/img/disclaimer@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f786ae47dc52c00fb2c3f5c60c167be62ace26c2239067b14230abd41f5c9d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6375313973840667673/47-IWE-BrandCampaign-Skyscraper-160x600-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:59:41 GMT
x-content-type-options
nosniff
age
448673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 07:59:41 GMT
style.css
s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/css/ Frame 0F89 		1 KB
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d827f09c6a1b895f157ba83e5155e3834bb21ffc887e6281c5fb9473bce8866f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11204082390091504495/48-IWE-BrandCampaign-Mrec-300x250-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 08:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
410
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 08:00:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 12:37:34 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=MlH5LXx3YXp4SW1mblB0VjArMGxXNU93K1cwc1ZENm5SaWRPcGQ2OHNUbG5xWFMrdlRJcjBNbUZlWXREZS8wbUJTMjdicG1YWHNFU05pSm9DajZJcDRFRkd4QThJTEtIVjJkSHBzS0NkL3RvM1dZZWRDWmVOWWhJdEgyVnN3WjB6dVcvNmFMRThJR1E0YWgxN2REM0M2QWxDbFlpQ3JJTk1PRE5jRXdQUmlSLzUzdlBmRWpKNDgyWFFlOTRuSWxCNXVSWmM0N2czWUVrSXEyOVcyRFlBWnQ2bFNBUmdDaVFnd1R3OVdDSnNIdm96UUVGckFhL0NYVnRrUC9FYlNhOSszczRpfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 20 Sep 2022 12:37:33 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
544177
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 6E28 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 20 Sep 2022 12:37:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73985
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Wed, 21 Sep 2022 09:10:39 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame AD2E 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
503776
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
74da9cf96b8d6916-FRA
expires
Fri, 17 Sep 2032 12:37:34 GMT
sid
mug.criteo.com/ Frame E073
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=TAWGdXw3VlV6aFNKR2NLcmNIUFVqQ2ZCOFVpc3YvQ2doaExjaCtBT0NGL2lEeGc1dkErWmZ5emZJakZUOXJLSjliaXFrSmlTYUdRT2Z2YXhzdXNxdVlDMlBOWDlGS2RLMlBsczBYR0htbGpiT0M4ZVhBR0xkUVpZdW9NNT...
441 B
675 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TAWGdXw3VlV6aFNKR2NLcmNIUFVqQ2ZCOFVpc3YvQ2doaExjaCtBT0NGL2lEeGc1dkErWmZ5emZJakZUOXJLSjliaXFrSmlTYUdRT2Z2YXhzdXNxdVlDMlBOWDlGS2RLMlBsczBYR0htbGpiT0M4ZVhBR0xkUVpZdW9NNTBCYWhSZkdOOTFwSHNHVWVBLzNJQmxHZTUzbnF4R2NJSm1TbEJLaGM0bTdTMWZ1bUl2ZnJuWGJOZFBUNy96RVdxNDJsWHZzTGVJS05YVnBDdUtBR25aSTl4OVhLZFdLUkc5U3U1T0d5aUVZTXBNS3Fja0Y3aFVIZStWcWIzLy81WFV1T2dHemFQOGNqckZhUEg2Zm0zd3dIZ0RHY2J6Zz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cafdc4549bc5b090f26628c1e82ee430a6901dfcc1668f288f8d3a06966f9cb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1338675
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=TAWGdXw3VlV6aFNKR2NLcmNIUFVqQ2ZCOFVpc3YvQ2doaExjaCtBT0NGL2lEeGc1dkErWmZ5emZJakZUOXJLSjliaXFrSmlTYUdRT2Z2YXhzdXNxdVlDMlBOWDlGS2RLMlBsczBYR0htbGpiT0M4ZVhBR0xkUVpZdW9NNTBCYWhSZkdOOTFwSHNHVWVBLzNJQmxHZTUzbnF4R2NJSm1TbEJLaGM0bTdTMWZ1bUl2ZnJuWGJOZFBUNy96RVdxNDJsWHZzTGVJS05YVnBDdUtBR25aSTl4OVhLZFdLUkc5U3U1T0d5aUVZTXBNS3Fja0Y3aFVIZStWcWIzLy81WFV1T2dHemFQOGNqckZhUEg2Zm0zd3dIZ0RHY2J6Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
598675
content-length
0
expires
0
get
mv.outbrain.com/Multivac/api/ 		17 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=2000897&apv=false&sig=PXKElT1V&format=html&rand=33389&em=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NDJiYzhkYjBkNDlmYTJjNjAzOTJkZDNmOWE1ZWJiNGM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=10&lastIdx=10&lastCardIdx=0&fAB=no_abtest&clss=VQergRY2ac0VbO%2BDkmpp1bSBs4Eb0JVYtGh%2FAbmpVu6JSUgLwF8SPc47gKnzihMCFLbdv24bAwMl23ue&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000897/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.190.132 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1fd452fe849371f80b4933b2a03777b115b51c6b6d0b8034eaebf5f222a63e76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, MUC, Europe1
x-timer
S1663677454.342390,VS0,VE224
accept-ranges
bytes
x-served-by
cache-lga21979-LGA, cache-muc13983-MUC
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
4a77553aed588ce298c9cf59023626c1
content-encoding
gzip
content-length
2362
expires
Thu, 01 Jan 1970 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5C1D 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:34 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3bcd4bcf-4b2d-4b33-a5e7-20a1535b64f8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4CDE 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:34 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
b441afbf-6150-43ba-82c7-ae3a10931aeb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 15EA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:35:33 GMT
expires
Wed, 20 Sep 2023 12:35:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A8FD 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
06df46e8295b5c81ee812982ef3422b2f0180f5b2f9b19b4850ad48d76619651
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ejoNg4FmVZIjhBgjrSQY6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ejoNg4FmVZIjhBgjrSQY6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 12:37:34 GMT
expires
Tue, 20 Sep 2022 12:37:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usermatch
ssum-sec.casalemedia.com/ Frame 12EC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b6d8cff59248bad2503e0162bf35c3d33f891639b7905ea3611a5c5889995e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74da9cfa1dd29b3a-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Sep 2022 12:37:34 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwQucVVJztIlv9Eqe5fnMLQYfYx9pFwv4YtUq%2BMg99ubxKVIJu7YNyeHAoDmbcItjLFp8vHG2c1rzsv%2BZNaKXtcsh8UUv15XN%2BbpvhFccaYCDF%2Bvemn3LjGTy%2B5e6SSV3nxHkyBqef32Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 62B1 		0
588 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9cfa6d436916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:34 GMT
server
cloudflare
vary
Accept-Encoding
v1
match.sharethrough.com/universal/ Frame A153 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.223.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-223-252.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 6E28 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6E28
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZVEMiHcGRsWeiN3FcWS09g&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZVEMiHcGRsWeiN3FcWS09g
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZVEMiHcGRsWeiN3FcWS09g
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:35 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
JRGDXVT3G9ZW8GJ29NWR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZVEMiHcGRsWeiN3FcWS09g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6E28
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNkxLV0wtRC1GVU5a
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNkxLV0wtRC1GVU5a
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNkxLV0wtRC1GVU5a
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6E28
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nXIemm3f1UVlNls2MeDu3Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3540261731339379447
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3540261731339379447
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Tue, 20 Sep 2022 12:37:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3540261731339379447
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame 6E28
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8A6LKWL-D-FUNZ
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8A6LKWL-D-FUNZ
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E0B5F0FF48524542B21DE6CD66D25B64 Ref B: FRAEDGE1516 Ref C: 2022-09-20T12:37:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpGxe1n5PHO6Y+mcWJOA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8A6LKWL-D-FUNZ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6E28
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDFlMjM1Yzg2YTk5YmNhOThjNjVlMmY3MjRkNmVjNTg1ZWIxOWI2Yg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDFlMjM1Yzg2YTk5YmNhOThjNjVlMmY3MjRkNmVjNTg1ZWIxOWI2Yg
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDFlMjM1Yzg2YTk5YmNhOThjNjVlMmY3MjRkNmVjNTg1ZWIxOWI2Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6E28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOv7SiQ1r5-ToFBjQ7Vg8z8&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOv7SiQ1r5-ToFBjQ7Vg8z8&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOv7SiQ1r5-ToFBjQ7Vg8z8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 6E28
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3G1ddOPWS_-n41AaobHlEQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3G1ddOPWS_-n41AaobHlEQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3G1ddOPWS_-n41AaobHlEQ
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:35 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
W6ZZJTRBJ5KGMTPNY8M0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3G1ddOPWS_-n41AaobHlEQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatchredir
ssum-sec.casalemedia.com/ Frame 12EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED8gH_WgwnGnANy1GHDe0TU&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED8gH_WgwnGnANy1GHDe0TU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74da9cfb0f6c9b3a-FRA
pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDeaPmh9c7GZjCnIHp%2Fkd3WZbitkMMqYAwkHMgRMHxhCu%2FXdCyRYIIAUHCtxx2VO3w%2FVx3DJ4c0Dq45FHZBnc%2B9RWHsYdUwDBmrOzuWFGLzd1MmjQAZIdF0u021wGUARJj5uZ3Y6vHDipA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED8gH_WgwnGnANy1GHDe0TU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 12EC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 12EC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:35 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
AWT0DQXMNR8ZXMPHJ7JW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:34 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
HDWM2WCFGNYBRZB9SRDS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 12EC 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 12EC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1972190678536387543
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1972190678536387543
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74da9cfb28c79a0b-FRA
pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixKGsDHNdI3Od2PysBQNgB8NrUfO9r0e0wiPcSoMKf6G9f4OM45lazRFXx%2Bci0fMcoQJP4EDDWq7izZV23%2BpFyOgKEdeTjUdGnahMjKNUSdUp4%2Bk2C2zYoms4npKcyd7DBXG%2FsPoJAFpog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:34 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
abd8a074-ed3b-41fc-8b89-a3f5cc9cc621
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1972190678536387543
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 12EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame 12EC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_05572df8-b312-4b60-be7a-c02a955b1b5e&bsw_param=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5&expires=10
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5
43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74da9cfc5d51bba7-FRA
pragma
no-cache
date
Tue, 20 Sep 2022 12:37:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2oMfI75qVjQD8JO7LN%2FyLd%2FpSimDEnSuUvZ9gW82BpQG6yRr8%2FShKYIV7ldkF0xa%2FI8xKZaeQxJT4OTp7wrHqfW9CXqBXm5P92oEramV7%2BznTh3LGp1Mom65PswSgEmn6IgGuLo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5
Date
Tue, 20 Sep 2022 12:37:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 12EC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Yym0CzpmFmunT9UL8-e_-AAABJ0AAAIB
date
Tue, 20 Sep 2022 12:37:34 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame 12EC 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yym0CzpmFmunT9UL8.e-.AAA%261181
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74da9cfb5f6a906d-FRA
date
Tue, 20 Sep 2022 12:37:34 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
149
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Tue, 20 Sep 2022 16:37:34 GMT
setuid
ib.adnxs.com/prebid/ Frame 9FAF
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
f34f319b-a3ac-4077-9c3c-c0c852133862
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 20 Sep 2022 12:37:34 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9cfb0eab6916-FRA
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:34 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9b08554c0129b156e2f813918930b434
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 6671 		1 KB
834 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74da9cfb4c5a91f9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:34 GMT
server
cloudflare
sodar
pagead2.googlesyndication.com/pagead/ Frame A8FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091401&jk=1428281446628262&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
pagead2.googlesyndication.com/bg/ Frame 15EA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16029
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 10:42:06 GMT
getuid
sync.smartadserver.com/ Frame 7D1E
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 20 Sep 2022 12:37:34 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Tue, 20 Sep 2022 12:37:34 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
sync.php
pixel.rubiconproject.com/exchange/ Frame 1050 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
3bafef7aa4e37890defcd73f0a080481
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A0CB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19603
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 18:04:17 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
1
sync-eu.connectad.io/syncer/ Frame 701D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
74da9cfc2d9591f9-FRA
date
Tue, 20 Sep 2022 12:37:34 GMT
server
cloudflare
via
1.1 google
00b6bc83-38e1-11ed-9e71-10b91cd50306
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 26B0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=00b6bcd1-38e1-11ed-9e71-10b91cd50306
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/00b6bc83-38e1-11ed-9e71-10b91cd50306
0
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/00b6bc83-38e1-11ed-9e71-10b91cd50306
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9cfd5b196916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:34 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Tue, 20 Sep 2022 12:37:34 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/00b6bc83-38e1-11ed-9e71-10b91cd50306
Server
nginx
X-fe
132
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame D650
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9cff8f946916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:35 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Sep 2022 12:37:35 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
3437077-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/3437077-46.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
0748ed54da838511bade1a17bdf5b9b6dedc3260f31a1f3422cbf5963a03c6a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 04:49:05 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
28109
edge-cache-tag
315967803942859320675024957509442542247,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
cache-tag
315967803942859320675024957509442542247,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
73668
x-request-id
8c40a0c368c9620574cf7d4af7ab6de5
x-served-by
cache-iad-kjyo7100155-IAD
last-modified
Tue, 20 Sep 2022 04:49:06 GMT
server
cloudinary
x-timer
S1663649345.607487,VS0,VE1087
etag
"05178c94eec65754688f87184741a8e6"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
tGv1OMMCBZ_CMAvmVAFyViOrOkv9RmQ9aNlgAAbfUqVk8VkbFBpYZQ==
x-cache-hits
0
generate_204
tpc.googlesyndication.com/ Frame 15EA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_gljTg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 12:37:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
e3db4219-e47b-4f79-9f2d-a21f1cf07a4e
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 35B4
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/e3db4219-e47b-4f79-9f2d-a21f1cf07a4e?gdpr_consent=null&gdpr=0
0
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/e3db4219-e47b-4f79-9f2d-a21f1cf07a4e?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9cfd4afa6916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:34 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74da9cfd2a535c74-FRA
content-length
0
date
Tue, 20 Sep 2022 12:37:34 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/e3db4219-e47b-4f79-9f2d-a21f1cf07a4e?gdpr_consent=null&gdpr=0
server
cloudflare
y-aQIFYANE2uF58HjM9z7vbSVQ_IJEp3gnOgwxl3U-~A&gdpr=0&gdpr_consent=
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame 7DDB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-aQIFYANE2uF58HjM9z7vbSVQ_IJEp3gnOgwxl3U-~A&gdpr=0&gdpr_consent=
0
622 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-aQIFYANE2uF58HjM9z7vbSVQ_IJEp3gnOgwxl3U-~A&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74da9cfd4af06916-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 12:37:34 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

age
0
content-length
0
date
Tue, 20 Sep 2022 12:37:34 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-aQIFYANE2uF58HjM9z7vbSVQ_IJEp3gnOgwxl3U-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2qGy,pingTime:1,time:2626,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:562%7D,%7Bpiv:100,vs:i,r:,t:1625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:1625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1073~0,1~100%5D,as:%5B1074~970.250%5D%7D%7D,%7Bsl:i,t:1625,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:108,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.ad2b216a-7bcb-a4b2-5410-9e33870c5c07.73_1153208-65390207%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:563,sis:653%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:35 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2qGz,pingTime:1,time:2627,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:562%7D,%7Bpiv:100,vs:i,r:,t:1625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1073~0,1~100%5D,as:%5B1074~970.250%5D%7D%7D,%7Bsl:i,t:1625,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:108,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.ad2b216a-7bcb-a4b2-5410-9e33870c5c07.73_1153208-65390207%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:563,sis:653,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:35 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2qGz,pingTime:1,time:2627,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:562%7D,%7Bpiv:100,vs:i,r:,t:1625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1073~0,1~100%5D,as:%5B1074~970.250%5D%7D%7D,%7Bsl:i,t:1625,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:108,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.ad2b216a-7bcb-a4b2-5410-9e33870c5c07.73_1153208-65390207%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:563,sis:653,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:35 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2qGA,pingTime:1,time:2631,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:529%7D,%7Bpiv:100,vs:i,r:,t:1629%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,slTimes:%7Bi:1002,o:1629,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:528,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1135~0,0~100%5D,as:%5B1135~970.250%5D%7D%7D,%7Bsl:i,t:1629,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:107,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.7a58748d-e794-4483-d7b4-8f7eb8f76bf6.40_10933%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:531,sis:841%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:35 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2qGA,pingTime:1,time:2631,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:529%7D,%7Bpiv:100,vs:i,r:,t:1629%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,slTimes:%7Bi:1003,o:1629,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:528,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1135~0,0~100%5D,as:%5B1135~970.250%5D%7D%7D,%7Bsl:i,t:1629,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:107,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.7a58748d-e794-4483-d7b4-8f7eb8f76bf6.40_10933%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:531,sis:841,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:35 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
async_usersync
ib.adnxs.com/ Frame 5C1D 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:35 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
da591de4-0a8d-4c73-8c1f-3f890e60e50f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4CDE 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 12:37:35 GMT
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
773042cd-f1a0-45c9-9176-6be749e830cd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091401&jk=1428281446628262&bg=!nZ6lntrNAAZqQh0mSkI7ACkAdvg8WiNx2kPRwrsar7wOaIQ2tayOwhGbeEhQIZyxUzT-VOpOTeDtNwIAAADTUgAAAAVoAQeZAp4MUPHhYRT-aWAx4cZUmIIiJSU8Fhx_Y40ZXt_tmiCHNB5kY2af6v8SgbWImIWYpAqaSy83SXu-mJsF-dnS8TWO8Xg4LKGlJck2BVeSjBVyP_nSPmL4JlkCdUzfiS_bV9-oYPsr31BGUQRqmeBX7rBa6Bqtf_1Ek-jr-bu9QxsBkim18cp1goyLN0yJnSqZOaJbCo30kFwoBKN_t5eoFSuDN8XjSG2e5HciekJCl5Qzky_Mllf6C-j-BfJvIJyiG2fnvuFVHkTzSbQAz-8-AQC5yDAvqUJTQDuBymPuHlOBtuhubzzXPl2_QJTcFjuGSM27ipZJiLxO1oEDJ6wmCyBHaLair2rLZKJVz8lEzVAIqoMS49tHnMAGT17jUj_50IirkNZAcJ0rhR18LC_YrrFJosEoOfLh6YnlKsSIFlAqaU-kX7KKkLC8-RwFARVsblZft0q_YtezsNRkR0mVlFL3shvDRWzXfDEtl1D3oRKmTpPogiT7oc7ZXglzZTYndBFMei-bbHAP8yHfAFfbxDsSbmNz3EVsThQJR9iKV0PU-jlKWnHtZwqgVoCq6yEdqDhUvGEhxhR2zSNx7C4PTeq2mGJDXd1q-BbB0pbRDie7NfSeyviX6sV6NWh7kZtY-ZRhTxQzNnwvEQqQJzczUQTmROqcavtij8ApBjQywLuyJ-uq40_Ovb3VMfaCkowy3xBEE6rhRb-cIRYDJaU6-hjqvXY3_a-Sbpdq3mCTlklU6jSIDZxQj8p0HTxiBhm7-7jTZnAWxwrQhdbprKfQYC0WtlvRrmSf19L979n0v0Pe2MMMqGL75pPark4g55yhnNi3D-e4-56XTugPdnkZ1YbxmFbbhGgX5qXGgIZq8t3KZsrsYM_AaxsN3S2AK3y_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
05_Button.svg
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame CAEB 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/05_Button.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
52ddcbe70833d17fbdbe3e2e874d8961f531b78ff77a12a254a578a78697668a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
a5vetIxBUKj_zhgZB8obQPtLAjRm6nRI
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
x-amz-request-id
T4XVRK458QHBATYY
etag
"b9dcb87597a7139ea7a1cc8d6dc08057"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:36 GMT
accept-ranges
bytes
content-length
1007
x-amz-id-2
I+WeIQDuSF4oFFKrptmFPqiMohxf+wp6CB6S5LU27pjTola0OycL7YrXdyhI9cZtcaqkUfWf3LU=
expires
Mon, 31 Dec 2035 00:00:00 GMT
04_Lets_make.svg
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame CAEB 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/04_Lets_make.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
fe0c571825cdac985f0bee57e6814bdb2152d60ef6b01b443a505501f1bc45de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
BJHDDxsDaht.lHlN7Xwlcm3nhhLhwgKn
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
x-amz-request-id
T4XVRNBACVX7W8K9
etag
"51623468188fb242b38c81f2bcdc4249"
content-type
image/svg+xml
access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:36 GMT
accept-ranges
bytes
content-length
5825
x-amz-id-2
POVBcS21OUEP3O+0fJO20hmw56IqRMLStdewjsQL5vDDAL+oPNuTi3tD8NWuz8mIjAqWwUf6ZlM=
expires
Mon, 31 Dec 2035 00:00:00 GMT
03_No_single_solution.svg
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame CAEB 		28 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/03_No_single_solution.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
f1d596625e6037ae240480f6299de880fd7dfe6d634fb734ecc4bae03e5296aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
xUtyYvZgJcrs1t9Rwa8OW4TCJUCX7RyW
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
x-amz-request-id
4YEKZD2WPQCRQWT4
etag
"30d4a8d6c7862d1ab13e70e4746f9439"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:36 GMT
accept-ranges
bytes
content-length
5424
x-amz-id-2
txOgbJr3MMspJHHjbPpdYf2GY/usl62lKVkFRw+XVj13Qj4W5fpr9KtgsjdpZ+LPswUZhl1GxOI=
expires
Mon, 31 Dec 2035 00:00:00 GMT
01_Honestly.svg
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame CAEB 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/01_Honestly.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
3dbb3a402b228480bf65136a5db7964fbc8452afe08a87efe394154333224981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
u_fqymGNDS3hLX.8jciGjBOGI4ljdHO2
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
x-amz-request-id
M2WCMF144MG54ZHV
etag
"20ecae8776efdd25ae2766da4605ac04"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:36 GMT
accept-ranges
bytes
content-length
1602
x-amz-id-2
uifF4ki9NtjkFY24oU+3CsJFMhYR+uLb7F1TzybWDRHJHnZugJaZ4TzQLr5EsN66uaBM5qLYvGQ=
expires
Mon, 31 Dec 2035 00:00:00 GMT
Landschaft.png
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame CAEB 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/Landschaft.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
2cca84d1f895f0a1570768926ed42571cca8a8ad9d4ba8d07d1b7613f106bddc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
r7WPso1MDZcdu4_qXG9I3_4fgnbaaXoJ
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
x-amz-request-id
M2W2DRG43HDJAKT2
etag
"43c206c0315bb56ffec9a743365ec8e8"
content-type
image/png
access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:37 GMT
accept-ranges
bytes
content-length
37935
x-amz-id-2
czRA43iDzbOkPl9WryQD5uGRJN1dgyJ32ie1y+9NBakgzKhi/lwbL6liS7tll9g4bDVGr799i6s=
expires
Mon, 31 Dec 2035 00:00:00 GMT
02_this_isnt_a_healthy.svg
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame CAEB 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/02_this_isnt_a_healthy.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
b483361cbed6f24acd627aa9d1827d7921d8b00e3635f49e0ec80e150e941add

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
G4S8_3CP2FSxG8k4QyA31h1Mkvu2QhYm
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
x-amz-request-id
SX6Z988X4WK85FY1
etag
"2af9b64f25f69d3f0d39219f4d7ccb5b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:36 GMT
accept-ranges
bytes
content-length
2718
x-amz-id-2
D2MgI/crMaljBc7euy9ak+Z6AaBOY9/tua8yC5qvGfTczNMQpACTQ8x8+AlUZy/KU6yLXPQZ/ec=
expires
Mon, 31 Dec 2035 00:00:00 GMT
SE_Logo_White_RGB.svg
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame CAEB 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/SE_Logo_White_RGB.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
481af60d5b3f5e1d6f489c9167431faaa90500e0674b5d5bff111cfa81894562

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
GMhirZEBv68nBjAWBLsesxEnZ8LNE1iG
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
x-amz-request-id
CRDGT3B0EEEXCSGR
etag
"cc852eb1ac0ecc4b17503dea7881e607"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:36 GMT
accept-ranges
bytes
content-length
1979
x-amz-id-2
EQ0ulBjFRtEWzZT4GKGPPn0xbXY2cWWWx5eirx/0GyNwHw0bqQNdJu/a7MCUT5ElkXZeZr3kwHw=
expires
Mon, 31 Dec 2035 00:00:00 GMT
Dotsphere.jpg
secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/ Frame CAEB 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/Dotsphere.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.154.130 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-130.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
543f84de5b577530111cbd0165a8502d83d8f1fbdca96237b14c6be2c72e32cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/104597/20220829/1076697440/73340001504460993/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
MT9W2QFXIxiaxq6m1.4bSNJyucpuyJ54
last-modified
Mon, 29 Aug 2022 04:26:37 GMT
server
ATS/7.1.0
x-amz-request-id
9C4YQDDC3VPHTYEP
etag
"8339c2b5f224459d9ec7b0501559254d"
content-type
image/jpeg
access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:36 GMT
accept-ranges
bytes
content-length
51206
x-amz-id-2
aVTbL9TesphouUNmc3mam0K/Vif4GsuxmAtwlMhLg85kL2OtvO30e3DCNoxAA9CHhjD7pREdq5E=
expires
Mon, 31 Dec 2035 00:00:00 GMT
int
lm.serving-sys.com/lm/ Frame 25D8 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/int
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.61.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-61-30.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=7a58748d-e794-4483-d7b4-8f7eb8f76bf6&tv=%7Bc:oL2rJ6,pingTime:5,time:6628,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:562%7D,%7Bpiv:100,vs:i,r:,t:1625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5003,o:1625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1073~0,1~100%5D,as:%5B1074~970.250%5D%7D%7D,%7Bsl:i,t:1625,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:98,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.10933%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.ad2b216a-7bcb-a4b2-5410-9e33870c5c07.73_1153208-65390207%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:563,sis:653%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:39 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 25D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153208&asId=ad2b216a-7bcb-a4b2-5410-9e33870c5c07&tv=%7Bc:oL2rJ7,pingTime:5,time:6632,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:529%7D,%7Bpiv:100,vs:i,r:,t:1629%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:1,slTimes:%7Bi:5003,o:1629,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:528,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1135~0,0~100%5D,as:%5B1135~970.250%5D%7D%7D,%7Bsl:i,t:1629,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:97,fm:thYF2Mh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c*.1153208-65390207%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o,idMap:1c.7a58748d-e794-4483-d7b4-8f7eb8f76bf6.40_10933%7C1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:531,sis:841%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bfca:ef07:3b11:9732 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 12:37:39 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
3437076-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/3437076-46.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-123.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
6256131a03a38f106991e77c47d8a7139360fb9da37c4b59e331c8a579eb2731

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 04:45:03 GMT
via
1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age
28356
edge-cache-tag
371443549610111990093486414699939839726,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
cache-tag
371443549610111990093486414699939839726,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
25242
x-request-id
f0359cae28265425b01907096f833a18
x-served-by
cache-iad-kjyo7100080-IAD
last-modified
Tue, 20 Sep 2022 04:45:04 GMT
server
cloudinary
x-timer
S1663649103.508728,VS0,VE1214
etag
"0cdeaedbc24c3f8e82516ca1680125b6"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
4A0IoIJT-4NKpxkzbaQAqoB2v5IoTP4M3e9hgrVnaQHoJfMHpI9hyQ==
x-cache-hits
0
all
csm.eu.criteo.net/ Frame A801 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=BC2WrLBJsU4rBnsxKegxMU8_8OAE23jH6B6Ms6Hqn7DOKhiMNvH5EGo368ynUd8S-HaD19tnjlHifZgA5KPz2CwMqcPor_wT6qrwEAH8CyRbTw47nppu-D--cInkX4bztvH3Xd-4AriLpPDTibUMlC7m2frSWs3UoGqB1mYOgBmLuzmJsldpLI1V14imCrz0fSCveAXwfAyPqa84vPoBxOy1R8rxH7M3ouDLdvX2FZcO9Yz0pfBQMllnuuqgxMqHjBGYJQ&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwAESUUIu-6fAAzL0h6CCO9zkoW5CNGceg&u=%7CEC0qcQdUQX13feLcDceemWN8gD6M6shSDRiCPlGe1M4%3D%7C&c1=Dcz_gsP0hEvVblIsCei4bS7fNU0FI2mvjvz92WxVYthPYGGjEdDNdG3D15wcqf56siy0XN7U1Bdo-Tro_-zZ_VqInXaLXPXSQWpnh3oyzBce8H9NqFBFkZH2_A8kbVVAWz0J0XIaonbmek_Tx9dZ3ZPkUAJJuJeNdj0pNuQljqbIjHhi1mGNeG-imnnnX8XCJWD2Y3ImUpFT1VEmmv5koeBoNh0OvXbQ6BlNm8JTkEd2wwVqQvmI-iqX9LYEkQOcjgVbvl-72GRSl9zyas4V6sheS9Eoptktx4Gek1gRJJkjvY7Z0VhzXgKVQwhWZXaRDB6B4tWraoq_0gTqKYPItjhKNAGuPegshMPtTM1_sZeNJXi0uj13aO6Y4W2fQf6vyhJlLjYbp1CowC5R9TJWJdBpLdWFiG7u8dOEcV6s1nA02DzYPQqtGOlygGIpdZYf-pqEDdkrLmaNJH8i7TJiVyYYCnqBu9lg78jKifmYF055MB_he2WI_qdzsmXeAlKoPoXyhVlWXIGDbHVtg-0MA8fcin0-TYyFKEj5U5ItCdvSU7352YNh6xcPRtILuCpzqlXsAgGJ1lc-RZOWhkuhiCvd_FpM_uJ4lpiKepFxvoerhtcgQOIvHOqi205bIcEq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCff9NC7QpY8WSEZ_d7_UP0pezuA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE_wFP0EcgppSfLon_dXfiQyvtn_j6xBMaq3P_1WNFS8e_MNE8I2MPS8KmycLK-9ngW32_GgR63lm0pmnbE7jMjN71l9HU9h36d9t5AOWbMG8lJFRFVGobmPn5bzUSqaFuIWMg0KgNehBxaa5B84y2Cp3u9CdTbMnhSd5RW9a9aPbSgLkYb7B2XUVaVMgS9gRCVhuImzPLQrRwcYUzThJdOWOqwY96wX4Mm3TRwoNY6jcdx1TOhDwgeSzQ7_Nd8gTp1O87B5eXZBV4jSzguLq1lhZCeN6UweNPhRWHFn9B97nAo20xaGyB0prtCBl80_t9niDA1uwWGT4wE08zKbmIeVDgBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30AwQvx9xiUrx6t_XydwfzvPZGyA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:39 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 7FA1 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=wFnCK7BJsU4rBnsx_aFvd7Gkh0dHLfiUTc533XwyvEOnvfaQ8ep1g5LqZOEne67AGYbTzx0BIvzYBmcibGr0ehST9QS8JX-5RMrKHd-yn_C4aNGTvP_30QuiTfXHaLHo_dwfvc6S08yOILGYOThAaSlgAEni9ZttmSOgCRK_wm_we6yaRS8H1fk6cMX3YcJHPWoVJyk23OzpE24dzRnf0P3Y13YeC1cZapB03TWl7RQpRHIbjcrl-mGh4TR602Lm04pxAg&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym0CwACj7oH_YbkAAYM6CYobXnpmP3xXGnpgA&u=%7CEC0qcQdUQX1uYcFvKeRnTfaBTEkgTFMJjyJxQsjWhJU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wGCBzZU3pBWd1fmla5rGf9OjLWfKiWLPaPAih0ytKn-0aXFcXEK4vxyqg7uuKy2bjByD72PgmGVAg4wQOwkUn62QJOQj6nHYu4L0lCqv219OnNQ_Ugk2E24OBlnT5vg8qC0CZBMKwepA2EtYeq_3vi5wyAZbYpFnedEs2YTGFiDwsRwGIxjX-1xlYfrSVlJDg5_u8g8GICdV4iJMz8vCo5T34ZJRqIxP4o2clC5h5esFqtBosUCbolu6rUNhUjLuUBsYOSEmzIvWqJuCtCvISJWkQZhfyV79AljlH_MTsAhvrMTRWMTGdYXKN7zsZE2XSXYbXulJ95nOsG_RoaGUSzN03IcAT1mOT0Liet5giZ4D4onHDispxD5vmQdS0qzA9HWypcIqJZXBTon4GBeQvM5hkJ-xdMTAjrHxHWKrPSDlwUpOPqzy4kzxoBydb6JdC7zE2qd77UZ59xfzbs3rL-XPAbZnDEwD_xuKB0485nu7ruVGNjxovOsUc42sSefNvAcT5zXagEILzr-VmofHw5tyhd7ZcHLNzAH9QNBgYIJAlMst9l5xkL_PPm-q1ZKUZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCITbXC7QpY7qfCuSN9u8P6JmYmA3JntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE8wFP0FCjtaGTXgqdKMLuZVZppylHfbonWXRQvchoOzbw8LaRrQiAFLwtkDrcbgVjtZ2N0hRikSNYP_l_Okpep5YBE4maL_E03PBMSj_l0W2IoEU30f6hEmbQ0265ZyoBl-_EC1WWtSxACKKu8tMe82uAPNZA_DdmIFChgaRvMb079xePloICkEUQivQ8pPogPncG1lCD-yzIbZo7bzXq9iNFdd2sNmO1IkMXvfZOuTCucVxM8BAnr0Y-HdgHAPvoaNz9njTFT_JG7hZf-BKrnEZnaU4KYgTj3eNvHGazHM9djrqlzoDf-GgGBNXfOm39jsUHMw7gBAGABomMub2g1dHojQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UympafZ54-w1eAUa21loTeWL-gQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Sep 2022 12:37:39 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| addScriptPromise object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist object| WallaTargeting object| _sf_async_config object| _cb_shared string| loadDataState object| _cbm object| __LOADABLE_LOADED_CHUNKS__ object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __twttrll object| __twttr object| regeneratorRuntime object| google_tag_manager function| postscribe object| google_tag_manager_external function| desc function| category function| author function| tags function| age function| gender object| ptag object| f object| ktag string| path object| z object| permutive string| __strip_step__ string| GoogleAnalyticsObject function| ga object| google_conversion_id object| google_custom_params object| google_remarketing_only function| fbq function| _fbq object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _0x4cab function| _0x4e19 object| _vadHb object| vadprebid object| vadprebidChunk object| ADAGIO object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __ctcg_65349_0_exec object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| a object| sas object| apntag object| _ADAGIO object| sw_consent object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| GoogleGcLKhOms object| google_image_requests

70 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _cb
Value: DIL34s7X1iADebDwd
.walla.co.il/ Name: _chartbeat2
Value: .1663677447845.1663677447845.1.C_MB7_CR8FOe-zrxgBFJbT7DVanFY.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _t_tests
Value: eyJBWHRRNTVyRFlyR1BvIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDTDFKM1ciXX0sIkxMUWVlTWlyNWhBdngiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIjFSR25sIl19LCJtUExPWDcza1U0cGRMIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDWV9fYVQiXX0sImpQa1d2WGlZdE9ISHQiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkRqWVlXeCIsIkRqWVlXeCJdfSwidGdPZUxYVGpDRzh0OCI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiQjRVcHFiIl19LCJxSWR6VGhJZ0gxZGd4Ijp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJ6WXhKWiIsIkQtZFJiRyJdfSwibGlmdF9leHAiOiJtIn0=
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.adnxs.com/ Name: uuid2
Value: 1972190678536387543
.walla.co.il/ Name: _ga
Value: GA1.3.718903951.1663677450
.walla.co.il/ Name: _gid
Value: GA1.3.1742017691.1663677450
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: vad-loc-code
Value: de
.walla.co.il/ Name: _fbp
Value: fb.2.1663677450464.1827618045
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.prebid.a-mo.net/ Name: __amc
Value: 1_1663677450_1663677450
.adnxs.com/ Name: icu
Value: ChgIjvJ-EAoYASABKAEwi-immQY4AUABSAEQi-immQYYAA..
.rubiconproject.com/ Name: khaos
Value: L8A6LKWL-D-FUNZ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr+jgDHj7En/bJGe4Ni1ThWK2euPP2lVg3CRi4Lg8bJK9vKsygRQwEouOYdOTdJHhk5p164vmVCVSYbB5SW5XQ37GGGOiqNCvuma+WVcS1g3g==
.ads.stickyadstv.com/ Name: UID
Value: 36d5578ba0396e88eb3e7c78a99ebaa
.ads.stickyadstv.com/ Name: sessionId
Value: 6990dac08b309ee234c030f88fc3c61
.creativecdn.com/ Name: u
Value: vtvF2gBaSkXNS7JK2MYo
.creativecdn.com/ Name: ts
Value: 1663677451
.doubleclick.net/ Name: IDE
Value: AHWqTUlHgQDL09FNBswx3P5OWbg-VOn4nnHfRh9b0XU8WohtZ27AE3dO8j9HNRfO2Jg
.walla.co.il/ Name: __gads
Value: ID=7dc5587af6bb1e5f:T=1663677451:S=ALNI_MaEZzBqrhF87FHpFpV5i9b1EdkN_g
.360yield.com/ Name: tuuid
Value: 58aaaaf6-953a-40c4-b830-55a53ea376a1
.360yield.com/ Name: tuuid_lu
Value: 1663677451
.casalemedia.com/ Name: CMID
Value: Yym0CzpmFmunT9UL8.e-.AAA
.casalemedia.com/ Name: CMPS
Value: 1181
.casalemedia.com/ Name: CMPRO
Value: 1181
.3lift.com/ Name: tluid
Value: 1210911001417556213760
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.2371821725589297161
.yahoo.com/ Name: A3
Value: d=AQABBAy0KWMCEMYMILgGr6P2K8RSD1PBe-QFEgEBAQEFK2MzYwAAAAAA_eMAAA&S=AQAAAllhuL6u80OQkqU9X2FmUAc
.w55c.net/ Name: wfivefivec
Value: 6ChwDz1e1OACvi5
.adfarm1.adition.com/ Name: UserID1
Value: 7145440247442372748
.simpli.fi/ Name: suid
Value: 30805A5E815B43ECABF9F504ED92B27B
.turn.com/ Name: uid
Value: 2496067281729473209
.adform.net/ Name: uid
Value: 3663471380105490846
.w55c.net/ Name: matchgoogle
Value: 5
.mathtag.com/ Name: uuid
Value: 68d06329-b40c-4800-a1dc-3943a08012a9
.mathtag.com/ Name: mt_mop
Value: 4:1663677453
.serving-sys.com/ Name: A6
Value: 10STx2xyQR1002dN000010000
.serving-sys.com/ Name: u2
Value: 61de99ad-c6f4-4978-b243-8eeb866508fb4IT06g
.bidswitch.net/ Name: tuuid
Value: 4b4d40ee-3b7b-45cb-8dd4-f63b5a31e6a5
.bidswitch.net/ Name: c
Value: 1663677453
.bidswitch.net/ Name: tuuid_lu
Value: 1663677453
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bee31c62-dc91-4d2c-8bfc-85facf3a2655-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bee31c62-dc91-4d2c-8bfc-85facf3a2655-003%22%7D
.creative-serving.com/ Name: tuuid
Value: 2c0cad57-818b-415f-a59c-7ba35dc0bf18
.creative-serving.com/ Name: c
Value: 1663677453
.creative-serving.com/ Name: tuuid_lu
Value: 1663677453
.tribalfusion.com/ Name: ANON_ID
Value: aDnseFrwZayaQXwrSQErYnSBXnZdu3wcL9ZcIssuqeD9FM2nwYU6jTaHVv1WjWIyyj0WZbClYOX4FcYpUYZbv08XW
.serving-sys.com/ Name: eyeblaster
Value: RES=32
.criteo.com/ Name: uid
Value: 7fee21b1-7d33-4ee6-847f-1b99768b9330
.walla.co.il/ Name: cto_bidid
Value: zDoQ1F95WE1oaFY5VXliJTJCcTZQOEc5azdGOERuRGhaOWVqVm1aUW5jJTJGNWppTVd2ejBXWHR4SURNVEs0T3V0dFJIcFl6MndpNHBqczg0dmVHZnR3M2ZpYjZoJTJGdyUzRCUzRA
.walla.co.il/ Name: cto_bundle
Value: OnUcc19BVFoxMkVCZmlsJTJCJTJGMlBxa1Nqbm1yU1ZEcTJPYzlxOThieEIwMUJYaWNlc21ydTNSdiUyQm9iWSUyRm04bmRsb0Y2QXRtcmtJRDlNbVJGMXFuRWlhbENLVzNMUU8lMkJIQyUyRmt6OExieFpsTkRkemRiTWp1MWk4OCUyRjJQVjFJbWdvVnFEMTNPU0J0Q0RLdFJJV1FGeHBVbWEzNjdjQSUzRCUzRA
.casalemedia.com/ Name: CMTS
Value: 5177
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2C''dZ']K!]tbd8i_iqf!oN/@E'zz<*Z0Qs%P9^@%Sg2_T'5G(@mNPMqJ#u.>Ifq*]%Iw<QG=%9sksRJ-)+FFqTW*08kuUV`TOD*eLS*!Lp4ZZ0.[VB<l`M+F3wn*s4l)8w=@5@'s>TGkdiG
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI5YjA4NTU0YzAxMjliMTU2ZTJmODEzOTE4OTMwYjQzNCIsImV4cGlyZXMiOiIyMDIyLTEyLTE5VDEyOjM3OjM0WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA5LTIwVDEyOjM3OjMxWiJ9
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_05572df8-b312-4b60-be7a-c02a955b1b5e
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&03f26f39-1b14-4482-848b-598a58dfae30"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjM2Nzc0NTQ7MjswMjFePbQ2+nKcPu3KiLJ8SdcziMNaqylZLLlEueT0CLlvlA==
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2436:u=1:x=1:i=1663677454:t=1663763854:v=2:sig=AQHzNr3UxGwW1VM-3jk1fPCwjNcTgMmU"
.spotxchange.com/ Name: audience
Value: 00b6bc83-38e1-11ed-9e71-10b91cd50306
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~279o:175w~279o:198a~279o"
.csync.loopme.me/ Name: viewer_token
Value: e3db4219-e47b-4f79-9f2d-a21f1cf07a4e
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smilewanted.com/ Name: sw_user_params_infos
Value: 58RrUsBNdKb94YLP81IpTG8Whmr6eKc4FZykKalEVK%2FmynkQIUfuCMbkesFcPo3Nwu7POZ6jWAjw352C%2FDYgz9ENkltrHK2xXA4gmryFuoNVMgMIHyba4pLKo%2BptW3bkws4%2FF9O53tVrNI6WdSGRcKO%2BP1%2FSW%2BNT12o3q3uSNB%2FVVdLnuDhJGS5dRy%2Bpvxa0iLT8tAwWzkZZJduEDXSFw8LgadtvNAbCbHRDwYGY1Gu39nzB3HbvOuXS3gr%2FtxVCB5l3bKCKxTIa3YiMYH4U8YOMDddJ68EMwV3v11%2Bulty%2BjtJ2fF0PG1ok%2FQgJAWrUQ8i57Wxr3G3hhAs2lTz0eplywMrsZoMq%2B56Aqqg0FFShBtT6rBZduyHfvInIyDg8aKYFcUKBWODnKDvDOxBG0M4uLUlTZ4zekHlzBcWRdSWvvWOI3GKKsyJcGjObKuq8bedBq5lpSnX2vAErNXZkeA%3D%3D
.amazon-adsystem.com/ Name: ad-id
Value: A7uOhG7jVE-Mi5od4OFweZ0

7 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-09-20
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDPI609iF1I17C5e3UeYJ_A&google_cver=1&google_push=AZmPxg8CVyKfqNqQIF4Quo5if9waKb85TcvCLjqA3OwLIN0MoCeeo7qIqXuglbXp7sQ7SSH45CQVYAo8ce7v5szhrx1_N0NdfEGuNw
Message:
Failed to load resource: the server responded with a status of 503 ()
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js(Line 110)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner.js(Line 110)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

860dff5b4d018cfeae73308b2dbecff0.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.creative-serving.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1h-euc1.zemanta.com
b1sync.zemanta.com
bidder.criteo.com
bs.serving-sys.com
c1.adform.net
cat.nl.eu.criteo.com
cdn.connectad.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cf.dxmcdn.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
image6.pubmatic.com
images.wcdn.co.il
img.wcdn.co.il
js-sec.indexww.com
khn.crowdad.io
ledger.crowdad.io
lm.serving-sys.com
log.outbrainimg.com
mab.chartbeat.com
mabping.chartbeat.net
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
mv.outbrain.com
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
prg.smartadserver.com
px.ads.linkedin.com
r.turn.com
rock.defybrick.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-ds.serving-sys.com
secure.adnxs.com
securepubads.g.doubleclick.net
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
x.bidswitch.net
104.111.242.245
104.18.18.126
104.18.19.126
104.18.24.121
104.19.149.54
104.244.42.8
142.250.185.226
142.250.185.66
147.75.85.234
151.101.130.49
151.101.193.108
169.50.137.182
172.217.16.194
172.217.18.102
178.250.0.139
178.250.0.162
178.250.0.165
178.250.2.146
178.250.2.148
18.157.92.103
18.159.163.178
18.159.233.219
18.195.223.252
18.66.122.123
184.51.9.98
185.184.8.90
185.255.84.150
185.29.134.248
185.64.190.78
185.86.137.107
185.86.137.114
185.86.137.131
185.89.210.20
185.89.210.82
185.94.180.125
198.47.127.22
199.232.190.132
2.23.154.130
2001:4860:4802:36::178
2001:678:cb4:bbbb::11
205.185.216.10
213.155.156.166
213.19.147.44
213.227.153.221
23.35.229.181
23.35.236.201
23.35.237.86
23.79.143.124
2600:1f18:1aca:4280:bfca:ef07:3b11:9732
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:206e:400:11:da61:a100:93a1
2600:9000:223e:1c00:4:1c73:c740:93a1
2600:9000:223e:9800:1a:ba5c:3900:93a1
2600:9000:223f:5800:8:48e:53c0:93a1
2600:9000:223f:f800:1b:5138:8a40:93a1
2600:9000:236e:cc00:18:1fcd:351:7bc1
2602:803:c003:200::21
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:37ce
2606:4700:20::681a:9a9
2606:4700:20::681a:bd1
2606:4700:4400::ac40:98f5
2606:4700::6811:180e
2606:4700::6812:272
2606:4700::6812:c4c
2606:4700::6813:ad6c
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2014
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2004
2a00:1450:400c:c0c::9b
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::1c
2a02:fa8:8806:16::1400
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:600::714
2a05:d018:d29:3605:81f0:8432:14d1:181d
3.120.64.210
3.126.140.73
3.126.56.137
3.126.61.30
3.33.220.150
34.251.36.59
34.251.78.188
34.98.64.218
35.227.252.103
35.244.159.8
37.157.6.252
51.89.9.253
52.222.214.43
52.222.236.20
52.46.155.104
52.59.79.58
52.95.126.160
54.155.65.255
54.165.188.56
54.237.24.134
54.72.99.24
64.202.112.95
64.74.236.223
66.155.71.149
69.173.144.139
69.173.144.165
72.251.249.13
76.223.111.18
85.114.159.93
95.101.27.22
00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111
011433338c235ea3627aac73d240be077565bffd3c27d85c8cc3d0a2ac3fcf45
0241bd5dbdad179fabfb2c31f9e92f69a6775fa10bce39b184d2e74fb0daf343
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
0683bcc8a763a2b2df502ed324958373a6aca0c9a9cf9b7c97e3bd389584bc4f
06df46e8295b5c81ee812982ef3422b2f0180f5b2f9b19b4850ad48d76619651
0748ed54da838511bade1a17bdf5b9b6dedc3260f31a1f3422cbf5963a03c6a5
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
08f2c4716e3b047abddd2876c7f406106c6f54ebbbebdffd75458777c0712c67
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c3f3c3c341bb479508a924226ba8b8d1733c60ed66182286561566acf2a189c
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
102ffb4dd24255e7ecb5770c868012b9897d59a9e91b6db5193dfbc6c913ab10
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f05beac5a85559e8e61dbb30473efc57aaa3c32177629c9893de09a65f3d30
11bd1d76db71a96e3b794af8b0ae43127973db0474696b87cf3f0bacb43f9802
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13396f6fa35de21e2addaff1cd2d0eeff08f65f461406f3f8312171397cd4f6d
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
196b7e399508118601fbd94f863e1987106c05b7862d6e327598e7ca368d1887
1a8d1a88faea7461f530758dd1ae3808d07241325a074bc518c1617daea4c883
1b3883caf456072334d9b81d17a1ff95a936f453c42a8a9352d33e2c7880da8b
1bd6ccbccc24d8f396e2372e1ab7752426f07b666b866e905971a488c755bed4
1d5683d58b251220fd51524d94a236369390b88e9e5937e77eb823340ed2db8a
1e0eae4931b0ecdee4c249178f066ee6c8db4c2d4dea9166728bb6e702e13927
1fd452fe849371f80b4933b2a03777b115b51c6b6d0b8034eaebf5f222a63e76
203bb6dfb40b0b710324d7ace7fc7529bbfa8c86fea9dfd8ad9a3a982999b4a3
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
21410b0529d2eba05f116a99ec420eca5c870ffc7c370224b3919225232a99fb
22e87bfe88b71349a9d80f50778376e01fa8a2062464c7c48f21c503c166926d
22f9852fc03b5fd491c82dba0d74246740272573b2b206ab1039c115b9d18075
230da5ee1003cc0154e909299b6e8910bade92fe77db6c5f290d03326de64022
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24e9c9104ff6de689bc0293a898644e71570ae463a8a15e54a54ce9d0db86c64
2574ce0c81ad6051c5b01b51cf14cdba73e815a8361a72bc567bb6bc755afbd4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
272a83e862b01b93f18d36955fc51f754df6e632c23a514b3a8b4dac4ed6713e
2c5a5d63ef36f43f1242fa4a800bf20b3bb9897d4b8a657f6de27bdb4ec45f80
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cca84d1f895f0a1570768926ed42571cca8a8ad9d4ba8d07d1b7613f106bddc
2e1479915f8fff437c7067a539d53b3a1843c8de7b5044192dd582273c7f79a5
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e55f966e5d42979013d87e8a4de77fd04e331af39070fd2f21404a04aae61b
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247
34fd820d80e1f9f29d98a15178018960904ecb358b4891f59ac7a9fa4a706e26
365cb784422a909ee7de9f0633b0c84263fd65c0565354ca69159b64ede3d8c3
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a1ceee56e191a101e8d1f8f5c556901d5c80e70d1a151ee5ea8c176b868fa6a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c5c0ea3d8e29243e4f5aa2a6d3304112ba255a541cfa8f5225b40b1b301173a
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dbb3a402b228480bf65136a5db7964fbc8452afe08a87efe394154333224981
3e515b026175f87f4426ff6e4eeedcdcf5288ac728c6a75383fc10e4f764e44f
3e8b7be6748b3f6657e82e3025683d8bb0ab86bcac660150643a294f73d0bc23
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4254d6ebdad02b88a8691e71b6b58b19944bce76b249707f8d45e610d7b55f0a
43c662869b90b291f0a722aefbcc83aebaab24595d93a845fe60a41b8a6d74e2
472405e56a883bd892e0e2cf73f787d5ac7b8f5bea82679f6d9db83b67a5a873
481af60d5b3f5e1d6f489c9167431faaa90500e0674b5d5bff111cfa81894562
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49516ce0a6df0c6d94424868d40f729c1396a81afc19ede501bb4ba6781d6452
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb783745c49044457875353a1cc35aefc6d1d447f78c6e2e031937993c9e440
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3f1ef262e0115dd98da541eb4f9a87a20a5e739694f7552428c3b801ee58d3
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
508c549c6e4923e86dbf5e002dbd202683b02a6c2a9420ef5648c6f6a8b7aaf4
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
52ddcbe70833d17fbdbe3e2e874d8961f531b78ff77a12a254a578a78697668a
543f84de5b577530111cbd0165a8502d83d8f1fbdca96237b14c6be2c72e32cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
57d203bc18131c6123d2e2b3bf97c30e376255284bd161c99121349592530be3
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5a23ea9d651f52cbe2a0c7dd74c4d918d49d5843aa9d0240d2e03fecc72174e3
5c08390419ff0e4331d4f91459b06b091a443aa1cd789c1421c0fb880a0473d3
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5f0798350303688edd86233b3c7e1285fb27786cc3626ea2b6464ce94c0313bb
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
61086c7facf3f810bb53e1d89a16d40c9dd312700775e7b0e719c336fb3df6e5
61828e0616891940f8bd0401376eef9601c939cc6f920bdc37513a2cd6933bd6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
620e514fc9d3ad619687a98b5ccfd098444496284f7dd2b574ade9f0a1fa2909
6256131a03a38f106991e77c47d8a7139360fb9da37c4b59e331c8a579eb2731
62b079af9903faac168b95bfb592aee1beb15e1266b6777418575c5f53caad5b
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c
6630892ef42d6cd559b6b6ee874016949fb190d449fcaad61a51ac54b0ca7502
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
670e28e9bbd70620a1efb786fc54bd788f1d9e1a995002c535c87d78c1bb4bd5
678d39883e4ec75821b21ad27000ebc8c4acd611f17e69612497c16cfc1b4ab0
69dd181526ec64c44662326fe0c33ee484a6b70ae3737d1593dc95c9ad7d0d33
6c92be27fa2e43f9c89b59fc60258b0aa3eca1170f36d36a5b4455d3e03339d6
6e454cb9c6eb2a780b258ab3daab5ce0db5c57028b3a0469d8c1b30ea9fdc0bd
6e5bcd0182d11a39048c1ae047caa66e83139e2978aa1299e6cd280e66a2912a
6ec9d937bc35f98c00e3eb886b4af45bd56a63189ba8f4340cdf37bb7a3e5284
6f067c7eb76737b279575f32bb91eb18e3f4785120adc26b5f77439e372f5131
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339
748c85ee7f2c3a5842e80fd14986b4354b89dd8f121d2aa0f2f1efc0d5ed8807
751512901e0579b0348e9809c27187ba09999e0e09c5a079f6b146164322a8e1
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
7efa40c6fb6de72bb1fd16ab3bb828559aa5ebf5838d9111b04982cb215b19a8
7f77b68401634f5b62bc13a76e37f75077ed34ea66c85d3a4a26a1b2e815ef65
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83b4a420cf94c962d797a6000639c2cf8bcfeaa534b63f27771460391b37bb6e
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8674c690e379aa2d7f8f84624402dc41902336d4c7044a931e34e247839463a2
86fed0f87402ce0fde9cdd3a0023fd4df2f277f5849744e61d4784e6470e02bc
876338a1211c7ddf69cfc5e548d0a1ed20b6b457f2db3a0383da314e9b8ab5ce
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab9cfc1454c8ed12e08db7e966428e7bce017476e43efd08d1f397f8f10f76f
8b0956affa6c10c727a432f4c582ad61c5660da4f779e84c7aa1b2fb6ddd1e01
8bd8159a5ddab9d7c84289689bdaa92bb966823cbed4d0cfafb257d912e17810
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f20befad9053c6879825e4b2d2071ec2adfcbbec3a2a84196efc19667569453
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
90654e406297b417ee331ba0a0da3a8118d273ec5fa40a288f58f98650b36621
919955e889d271f73387b4455d37667a6a730e800dcdbd1461412810bbc5a6c6
94a3247c17b792495c89936116dc62cb14172a2e97a2b62cddb1972ba863ff93
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c
9fc226fd65f076d381de383a0c0296bb3f0f74ca7c1c5821527d6668f5bba4fc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a026020138b68e933987b97d17fc8737723e05f77ecd00322cb149c3c3ad6761
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1681234a96e53ff6b079b50051b8b4ed63ea554531d9a02dea4c9d59e8ad89f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2b8bf705624a3e4cda631b10fa125eed7474244e880955b58062c4f8e4dce37
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a521ba5eba3a8f11b3a4d0640931be57ec5c53a3c9218015ebc6c9d3d45134a2
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7366672c7309113ce12beb12478774bc7ed93bc3f066f38bb3bf5c57485e47f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75b27e83ebb03509299605716e7d700df425e9a71a15ad1bbf3a066e05483bb
a7aab5982e91f0230371a967c86f2538c9bcad739b2ce743dbf0f5a9c7053bb3
a89dd6c18af335cf9bc676ae725c4378790c0bf1a4b52c4681c7db00d697d380
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
a9ec911db2ab87570c430bedf2e40f78bfe082b195cc36075f36b1bbcbb45510
aa51510198fc6bd4164158e7c5803366afb19b4133760a956292bc70c5b54596
aa7b609bbbf42b27ede9b400dce3f2f1589f946ab8cab2e6abf398bc61a440ee
ac1fdaf62e867419d7354517d0c520e7dbb1039c7e01af281193217e79ee6dbe
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b483361cbed6f24acd627aa9d1827d7921d8b00e3635f49e0ec80e150e941add
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b619a47183355bd1a79d2735f24ac8d4be95c5751ae2d5aee9725185970a1824
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd93e063fc68291ae00806bdf2a35eb93ec7160a9d26bf13a6b0b0f235258722
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4
bef2a4738230cc9758cc008478c2d9b9ee3966170526cc82021a79cbb2b2748e
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b6d8cff59248bad2503e0162bf35c3d33f891639b7905ea3611a5c5889995e
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b55f58001f9c727e3678d0883448fa3b37dbe8f4afa62045223dd41a2ea56a
cafdc4549bc5b090f26628c1e82ee430a6901dfcc1668f288f8d3a06966f9cb5
cccfbd3200304986084060cff977059fbd45ff060bfc8a6f1e11e23639fd7453
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2fd4a4e6a54380d2af815b937bd38896500b3ef1b985595fc1222a1b501a83c
d3cb23a5ee8f3c89f8feb92e12a40014f93b7c5a3e6a1c6e0f4491425e56a72d
d77d27666cbecfe4cd9149a720ac6abe85c7cae793ae3c90fbfbb608df84d54d
d7abb302c9c1e55633395bf3b82b4bed7d63804223437d9879fff049895ec72d
d7cae7cc6964d7ddd3374db2a2a4b444ea2db2770c1151a9a900f11506a7f273
d827f09c6a1b895f157ba83e5155e3834bb21ffc887e6281c5fb9473bce8866f
d893b52c15c264dbb26367265475b2a2229dc4fc09973bd269d59c3c3f66999f
da57e8ce08f90507c31a3cf3bc3371e8cf1cecd3efd86b5639b1d65cb4f3ebe3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7
df9948d64acb00c120474d93397e7ef48d77429e60cfbb602a5440fccfd2cc6a
dffbcc1bb6da81a07cd852656f4afc1d8ffc098080cd31d62bcf273d078622ee
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e0abd34e65ff29023ec1ead23ee5781cc38cea32b316322be5cc4cad2a067bc6
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e188bac2633600ce8bafab06429651ecc0cab83851fc6f844f016580c7c6f4c8
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08
e604a7d82ddcd2bb7d3ec6b2cb993ecf24deeea12c55b8d2a776e997724f9ca7
e683b2d59e42e80de01f14ed79bab8b6979f53c0f9f189ef5569114005bde97f
e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e90afefe008174901648b6984e3849d61ab51fcd2f9c260cb182f1b9eded2b4f
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0064820575abefc74d8460f01f7d01e7b13970796d77d34fbe1fd10dc5a5ca8
f1d596625e6037ae240480f6299de880fd7dfe6d634fb734ecc4bae03e5296aa
f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741
f77a83352c60edad41a760d14b706ebfe664f582deed79cd122f2791f5fc88c9
f786ae47dc52c00fb2c3f5c60c167be62ace26c2239067b14230abd41f5c9d89
f80d1fc0202648b4a929793d6e602b8101e0c46467bc0d60e6c085540b362a94
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fd79a7c6c40b906bce55c55e98b67210c359e46d6058bff6b94a5afcf5b2b1ad
fe0c571825cdac985f0bee57e6814bdb2152d60ef6b01b443a505501f1bc45de
feeafa2ecf74ffd3d8617b2e9dbf5ad76c7180c564c5d5b83aa15956f551f892