urlscan.io logo urlscan.io
SecurityTrails logo

sports.walla.co.il Open in urlscan Pro
18.66.30.8  Public Scan

Go To Rescan Add Verdict Report
URL: https://sports.walla.co.il/
Submission: On December 12 via api from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 118 IPs in 13 countries across 101 domains to perform 569 HTTP transactions. The main IP is 18.66.30.8, located in United States and belongs to AMAZON-02, US. The main domain is sports.walla.co.il. The Cisco Umbrella rank of the primary domain is 274838.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.
This is the only time sports.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 18.66.30.8 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
24 18.66.122.25 16509 (AMAZON-02)
22 185.237.97.111 204548 (CLOUDWEBM...)
1 205.185.216.10 20446 (STACKPATH...)
4 2606:2800:234... 15133 (EDGECAST)
2 2600:1901:0:d... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
3 18 185.89.211.116 29990 (ASN-APPNEX)
1 34.241.12.204 16509 (AMAZON-02)
4 52.19.214.89 16509 (AMAZON-02)
4 95.100.70.65 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 13.224.194.123 16509 (AMAZON-02)
2 151.101.65.44 54113 (FASTLY)
1 2.16.185.101 16625 (AKAMAI-AS)
4 2001:4860:480... 15169 (GOOGLE)
1 18.66.137.146 16509 (AMAZON-02)
8 2.18.234.190 16625 (AKAMAI-AS)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 2600:9000:236... 16509 (AMAZON-02)
1 142.250.185.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.172.108.72 14618 (AMAZON-AES)
2 104.244.42.8 13414 (TWITTER)
3 11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 18.65.48.97 16509 (AMAZON-02)
2 18.66.122.74 16509 (AMAZON-02)
1 142.250.186.134 15169 (GOOGLE)
5 88.221.168.201 16625 (AKAMAI-AS)
3 33 104.22.69.131 13335 (CLOUDFLAR...)
18 146.75.118.132 54113 (FASTLY)
1 4 141.226.228.48 200478 (TABOOLA-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 185.86.138.122 201081 (SMARTADSE...)
2 3.224.217.10 14618 (AMAZON-AES)
2 185.255.84.150 200271 (IGUANE-)
3 216.52.2.39 30282 (AS-INAPCD...)
3 213.227.153.223 60781 (LEASEWEB-...)
2 2a02:2638::24 44788 (ASN-CRITE...)
2 18.185.209.117 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
4 51.89.9.254 16276 (OVH)
6 2602:803:c003... 26667 (RUBICONPR...)
4 10 104.18.33.19 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 35.244.159.8 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 26 64.202.112.159 23352 (SERVERCEN...)
1 1 23.32.238.50 20940 (AKAMAI-ASN1)
3 35.158.254.41 16509 (AMAZON-02)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2.23.193.156 16625 (AKAMAI-AS)
4 7 185.86.137.132 201081 (SMARTADSE...)
2 2 54.220.11.177 16509 (AMAZON-02)
7 12 69.173.144.138 26667 (RUBICONPR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 47 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 185.64.190.78 62713 (AS-PUBMATIC)
6 2a00:1450:400... 15169 (GOOGLE)
4 5 37.157.3.28 198622 (ADFORM)
3 3 103.229.206.241 30419 (MEDIAMATH...)
11 185.64.189.110 62713 (AS-PUBMATIC)
3 3 213.155.156.165 1299 (TWELVE99 ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 4 52.95.126.160 16509 (AMAZON-02)
8 30 142.250.185.98 15169 (GOOGLE)
5 198.47.127.20 3257 (GTT-BACKB...)
1 1 141.94.171.213 16276 (OVH)
3 52.49.181.242 16509 (AMAZON-02)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
5 52.223.40.198 16509 (AMAZON-02)
2 2a02:2638:1::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
16 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
2 2600:9000:206... 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
14 2a02:2638:1::8 44788 (ASN-CRITE...)
5 2a02:2638:1::17 44788 (ASN-CRITE...)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 151.101.194.49 54113 (FASTLY)
7 7 3.65.71.95 16509 (AMAZON-02)
2 2 18.158.120.155 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
2 4 76.223.111.18 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
4 151.101.1.108 54113 (FASTLY)
2 104.109.78.125 16625 (AKAMAI-AS)
4 104.18.36.94 13335 (CLOUDFLAR...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 54.208.68.206 14618 (AMAZON-AES)
5 5 52.30.188.40 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 54.84.251.28 14618 (AMAZON-AES)
1 1 3.124.147.209 16509 (AMAZON-02)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
4 4 18.156.0.31 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.243 21859 (ZEN-ECN)
1 9 185.80.39.216 27381 (CASALE-MEDIA)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 63.251.232.170 32475 (SINGLEHOP...)
2 2 3.124.154.128 16509 (AMAZON-02)
1 172.64.154.237 13335 (CLOUDFLAR...)
1 1 185.183.112.155 60350 (VP)
1 3 209.54.182.161 16509 (AMAZON-02)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
2 2 185.89.210.180 29990 (ASN-APPNEX)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 2620:1ec:21::14 8068 (MICROSOFT...)
4 4 185.94.180.126 35220 (SPOTX-AMS)
3 3 35.214.223.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 213.19.147.45 3356 (LEVEL3)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.54.172 213230 (HETZNER-C...)
1 1 141.94.240.143 16276 (OVH)
1 1 141.94.171.212 16276 (OVH)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 1 159.65.194.197 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 2.18.235.93 16625 (AKAMAI-AS)
569 118
30    18.66.30.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-30-8.bom78.r.cloudfront.net
sports.walla.co.il
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:223c:d800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
11    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
24    18.66.122.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-25.fra60.r.cloudfront.net
images.wcdn.co.il
22    185.237.97.111 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
admin.teleline.co.il
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
expansioneggnog.com
5    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:206f:ce00:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:223e:5400:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
6    2a00:1450:4001:82b::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
18    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    34.241.12.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-12-204.eu-west-1.compute.amazonaws.com
ledger.crowdad.io
4    52.19.214.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-214-89.eu-west-1.compute.amazonaws.com
khn.crowdad.io
4    95.100.70.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-70-65.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.224.194.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-123.fra2.r.cloudfront.net
d29k50lkkhkjby.cloudfront.net
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    2.16.185.101 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-185-101.deploy.static.akamaitechnologies.com
www.aaxdetect.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    18.66.137.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-146.fra60.r.cloudfront.net
d2muzdhs7lpmo0.cloudfront.net
8    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
4    2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:9000:236e:f800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.172.108.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-108-72.compute-1.amazonaws.com
ping.chartbeat.net
2    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
11    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
8    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    18.65.48.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-48-97.eze50.r.cloudfront.net
ecdn.analysis.fi
2    18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
5    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
33    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
prebid.smilewanted.com
18    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync.taboola.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
9    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    3.224.217.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-217-10.compute-1.amazonaws.com
hb.minutemedia-prebid.com
2    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
3    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1h-euc1.zemanta.com
2    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    18.185.209.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-209-117.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
6    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
10    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
2    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
26    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
b1sync.zemanta.com
1    23.32.238.50 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-50.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    35.158.254.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-254-41.eu-central-1.compute.amazonaws.com
match.sharethrough.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
4    2.23.193.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-193-156.deploy.static.akamaitechnologies.com
images.outbrainimg.com
7    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
rtb-csync.smartadserver.com
2    54.220.11.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-11-177.eu-west-1.compute.amazonaws.com
ice.360yield.com
12    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
5    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
47    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
11    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
30    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
5    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
1    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
3    52.49.181.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
16    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
2    2600:9000:206f:8000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
14    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
5    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
7    3.65.71.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-71-95.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.158.120.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-120-155.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    54.208.68.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-68-206.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    52.30.188.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    54.84.251.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-251-28.compute-1.amazonaws.com
a.audrte.com
1    3.124.147.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-147-209.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
4    2a05:d018:d29:3605:f9a9:36e4:6c12:d8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
9    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    63.251.232.170 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
2    3.124.154.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-154-128.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    141.94.240.143 (France)

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh
green.erne.co
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel-eu.onaudience.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    159.65.194.197 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
c21lg-d.media.net
Apex Domain
Subdomains		 Transfer
64 googlesyndication.com
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
655 KB
50 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1381
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3216
odb.outbrain.com — Cisco Umbrella Rank: 1566
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5884
mv.outbrain.com — Cisco Umbrella Rank: 3034
277 KB
43 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
ad.doubleclick.net — Cisco Umbrella Rank: 164
static.doubleclick.net — Cisco Umbrella Rank: 199
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
346 KB
35 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
pix.eu.criteo.net — Cisco Umbrella Rank: 11597
csm.eu.criteo.net — Cisco Umbrella Rank: 11957
143 KB
34 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 470
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 440
image6.pubmatic.com — Cisco Umbrella Rank: 680
simage2.pubmatic.com — Cisco Umbrella Rank: 657
image2.pubmatic.com — Cisco Umbrella Rank: 882
image4.pubmatic.com — Cisco Umbrella Rank: 805
simage4.pubmatic.com — Cisco Umbrella Rank: 1198
aud.pubmatic.com — Cisco Umbrella Rank: 4558
128 KB
33 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 3830
static.smilewanted.com — Cisco Umbrella Rank: 9748
prebid.smilewanted.com — Cisco Umbrella Rank: 5823
50 KB
30 walla.co.il
sports.walla.co.il — Cisco Umbrella Rank: 274838
1 MB
24 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 430
87 KB
24 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 141259
503 KB
22 teleline.co.il
admin.teleline.co.il — Cisco Umbrella Rank: 623316
191 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
dsum.casalemedia.com — Cisco Umbrella Rank: 1329
16 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 451
pixel.rubiconproject.com — Cisco Umbrella Rank: 321
eus.rubiconproject.com — Cisco Umbrella Rank: 547
token.rubiconproject.com — Cisco Umbrella Rank: 551
18 KB
16 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 734
dis.criteo.com — Cisco Umbrella Rank: 700
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 18634
ads.eu.criteo.com — Cisco Umbrella Rank: 11394
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 14558
gum.criteo.com — Cisco Umbrella Rank: 399
mug.criteo.com — Cisco Umbrella Rank: 3032
118 KB
16 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1508
sync.smartadserver.com — Cisco Umbrella Rank: 1466
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 563
5 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
3 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
3 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090
s.amazon-adsystem.com — Cisco Umbrella Rank: 276
5 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
region1.google-analytics.com — Cisco Umbrella Rank: 3983
20 KB
6 gstatic.com
fonts.gstatic.com
120 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 501
eb2.3lift.com — Cisco Umbrella Rank: 350
2 KB
6 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1066
trc.taboola.com — Cisco Umbrella Rank: 693
trc-events.taboola.com — Cisco Umbrella Rank: 1667
sync.taboola.com — Cisco Umbrella Rank: 972
20 KB
6 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 92760
157 B
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 758
syndication.twitter.com — Cisco Umbrella Rank: 1118
166 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
261 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 476
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 639
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
109 KB
5 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4968
sync-eu.connectad.io — Cisco Umbrella Rank: 3559
2 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 667
rtb.openx.net — Cisco Umbrella Rank: 1545
902 B
5 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 20839
b1sync.zemanta.com — Cisco Umbrella Rank: 560
9 KB
5 crowdad.io
ledger.crowdad.io — Cisco Umbrella Rank: 140071
khn.crowdad.io — Cisco Umbrella Rank: 116900
251 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
349 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 592
3 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com — Cisco Umbrella Rank: 1503
3 KB
4 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2350
128 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 565
1 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 727
731 B
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1805
mp.4dex.io — Cisco Umbrella Rank: 1976
25 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 7952
adservice.google.de — Cisco Umbrella Rank: 11832
1 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
233 B
4 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 2926
l3.aaxads.com — Cisco Umbrella Rank: 3924
121 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 33645
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 35447
739 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 764
639 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
862 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 752
795 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5026
829 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
2 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 506
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 604
909 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
196 KB
3 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
d29k50lkkhkjby.cloudfront.net
d2muzdhs7lpmo0.cloudfront.net
8 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1361
mab.chartbeat.com — Cisco Umbrella Rank: 2305
25 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 795
s.tribalfusion.com — Cisco Umbrella Rank: 1875
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2173
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1368
563 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 743
943 B
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1859
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1157
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4013
625 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3892
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2681
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2963
208 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 644
950 B
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1470
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 810
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3275
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19004
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1987
645 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3654
1 KB
2 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3330
821 B
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 25194
cdn.firstimpression.io — Cisco Umbrella Rank: 24908
104 KB
2 expansioneggnog.com
expansioneggnog.com — Cisco Umbrella Rank: 152224
28 KB
1 media.net
c21lg-d.media.net — Cisco Umbrella Rank: 1737
296 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3817
464 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2182
555 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 22617
367 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6185
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5740
277 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
704 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 713
757 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1541
366 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1431
300 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 591
191 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6531
324 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2637
382 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 526
511 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 692
615 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1494
524 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 16255
552 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 636
612 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 396
2 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 28896
5 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1247
201 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 171
17 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 544
465 B
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 5409
323 B
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2610
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 141383
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 141243
245 KB
569 101
Domain Requested by
47 tpc.googlesyndication.com 1 redirects sports.walla.co.il
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
30 sports.walla.co.il sports.walla.co.il
24 mcdp-nydc1.outbrain.com widgets.outbrain.com
24 csync.smilewanted.com 3 redirects cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
24 images.wcdn.co.il sports.walla.co.il
22 cm.g.doubleclick.net 8 redirects 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
sports.walla.co.il
22 admin.teleline.co.il sports.walla.co.il
18 ib.adnxs.com 3 redirects cdn.valuad.cloud
csync.smilewanted.com
acdn.adnxs.com
16 static.criteo.net ads.eu.criteo.com
cdn.valuad.cloud
static.criteo.net
15 odb.outbrain.com widgets.outbrain.com
14 pix.eu.criteo.net ads.eu.criteo.com
11 pagead2.googlesyndication.com 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
11 simage2.pubmatic.com ads.pubmatic.com
11 www.google.com 3 redirects sports.walla.co.il
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 securepubads.g.doubleclick.net www.googletagservices.com
sports.walla.co.il
securepubads.g.doubleclick.net
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 prg.smartadserver.com cdn.valuad.cloud
8 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
8 pixel.rubiconproject.com 3 redirects csync.smilewanted.com
sports.walla.co.il
7 x.bidswitch.net 7 redirects
7 googleads.g.doubleclick.net www.googleadservices.com
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
7 widgets.outbrain.com sports.walla.co.il
widgets.outbrain.com
6 fonts.gstatic.com fonts.googleapis.com
6 sync.smartadserver.com 3 redirects csync.smilewanted.com
6 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 prebid.smilewanted.com cdn.valuad.cloud
6 fastlane.rubiconproject.com cdn.valuad.cloud
6 hb-dot-valuad.appspot.com cdn.valuad.cloud
6 www.googletagservices.com sports.walla.co.il
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
5 match.prod.bidr.io 5 redirects
5 csm.eu.criteo.net ads.eu.criteo.com
5 match.adsrvr.org ads.pubmatic.com
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
sports.walla.co.il
5 image2.pubmatic.com ads.pubmatic.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 ads.pubmatic.com cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
5 www.googletagmanager.com sports.walla.co.il
www.googletagmanager.com
4 sync.search.spotxchange.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 acdn.adnxs.com cdn.valuad.cloud
4 gum.criteo.com 2 redirects static.criteo.net
4 eb2.3lift.com 2 redirects cdn.valuad.cloud
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
sports.walla.co.il
4 images.outbrainimg.com sports.walla.co.il
4 creativecdn.com 4 redirects
4 u.openx.net cdn.valuad.cloud
4 onetag-sys.com cdn.valuad.cloud
4 www.facebook.com sports.walla.co.il
4 region1.google-analytics.com www.googletagmanager.com
4 khn.crowdad.io d2r08ja41ypc0t.cloudfront.net
4 platform.twitter.com sports.walla.co.il
platform.twitter.com
3 csync.loopme.me 3 redirects
3 mv.outbrain.com widgets.outbrain.com
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
sports.walla.co.il
3 mug.criteo.com sports.walla.co.il
3 simage4.pubmatic.com ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 sync.crwdcntrl.net ads.pubmatic.com
3 d5p.de17a.com 3 redirects
3 sync.mathtag.com 3 redirects
3 cdn.connectad.io csync.smilewanted.com
3 match.sharethrough.com csync.smilewanted.com
3 b1h-euc1.zemanta.com cdn.valuad.cloud
sports.walla.co.il
3 ap.lijit.com cdn.valuad.cloud
3 trc-events.taboola.com cdn.taboola.com
3 static.smilewanted.com csync.smilewanted.com
3 connect.facebook.net sports.walla.co.il
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 c.aaxads.com expansioneggnog.com
sports.walla.co.il
c.aaxads.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.1rx.io 2 redirects
2 b1sync.zemanta.com 2 redirects
2 secure.adnxs.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 a.sportradarserving.com 2 redirects
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 ad.turn.com 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 js-sec.indexww.com cdn.valuad.cloud
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 ads.creative-serving.com 2 redirects
2 cms.quantserve.com 1 redirects 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
2 secure-gl.imrworldwide.com ads.eu.criteo.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
2 rtb.nl.eu.criteo.com sports.walla.co.il
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 sync-eu.connectad.io cdn.connectad.io
2 ice.360yield.com 2 redirects
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 mp.4dex.io cdn.valuad.cloud
2 htlb.casalemedia.com cdn.valuad.cloud
2 hbopenbid.pubmatic.com cdn.valuad.cloud
2 tlx.3lift.com cdn.valuad.cloud
2 bidder.criteo.com cdn.valuad.cloud
2 hb-api.omnitagjs.com cdn.valuad.cloud
2 hb.minutemedia-prebid.com cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 www.google.de sports.walla.co.il
2 syndication.twitter.com platform.twitter.com
sports.walla.co.il
2 expansioneggnog.com sports.walla.co.il
expansioneggnog.com
2 static.chartbeat.com sports.walla.co.il
1 c21lg-d.media.net c.aaxads.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 idsync.frontend.weborama.fr
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 px.ads.linkedin.com sports.walla.co.il
1 p.rfihub.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 sync.taboola.com 1 redirects
1 sync.adotmob.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb.openx.net 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
1 dclk-match.dotomi.com 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 static.doubleclick.net sports.walla.co.il
1 ads.stickyadstv.com 1 redirects
1 cdn.jsdelivr.net cdn.valuad.cloud
1 cdn.firstimpression.io ecdn.firstimpression.io
1 ad.doubleclick.net sports.walla.co.il
1 ecdn.firstimpression.io sports.walla.co.il
1 ecdn.analysis.fi sports.walla.co.il
1 widget-pixels.outbrain.com sports.walla.co.il
1 ping.chartbeat.net sports.walla.co.il
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 static.adsafeprotected.com expansioneggnog.com
1 l3.aaxads.com sports.walla.co.il
1 d2muzdhs7lpmo0.cloudfront.net d29k50lkkhkjby.cloudfront.net
1 trc.taboola.com cdn.taboola.com
1 www.aaxdetect.com sports.walla.co.il
1 cdn.taboola.com sports.walla.co.il
1 d29k50lkkhkjby.cloudfront.net sports.walla.co.il
1 ledger.crowdad.io sports.walla.co.il
1 d2r08ja41ypc0t.cloudfront.net cf.dxmcdn.com
1 cdn.permutive.com cf.dxmcdn.com
1 mab.chartbeat.com static.chartbeat.com
1 cf.dxmcdn.com sports.walla.co.il
1 cdn.valuad.cloud sports.walla.co.il
569 164
Subject Issuer Validity Valid
*.walla.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.wcdn.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
admin.teleline.co.il
R3		 2022-12-12 -
2023-03-12		 3 months crt.sh
valuad.cloud
E1		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
expansioneggnog.com
R3		 2022-11-13 -
2023-02-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
crowdad.io
Amazon		 2022-09-28 -
2023-10-27		 a year crt.sh
*.aaxads.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-20 -
2022-12-19		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.aaxdetect.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
analysis.fi
Amazon		 2022-11-03 -
2023-12-02		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh

This page contains 100 frames:

Primary Page: https://sports.walla.co.il/
Frame ID: AC7158AD0F18C78460046FF88E414AC2
Requests: 260 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fsports.walla.co.il
Frame ID: 23BB545FA38EAF60E90774E1666BBE3D
Requests: 2 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-list/screen-name/WallaSport/slug/list2?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19zaG93X2J1c2luZXNzX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=he&maxHeight=416px&origin=https%3A%2F%2Fsports.walla.co.il%2F&sessionId=ca91a92f43fe1c801f633d23017233bc4a80bfe1&showHeader=true&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Frame ID: 3EF252195AE8DFE05A0F50FFE2218BD7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3204901CB476F6CDE0D27C48B7BB0B0A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 412197065E98DECB91EB2565C0835641
Requests: 1 HTTP requests in this frame

Frame: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F47C5F5BCA5E2DC1E2BBFD34243C39BB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 5738CD55D40770CAD483CFFB81F9FE38
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/716c6e65df0474cf191366483e402d?gdpr_consent=&gdpr=0
Frame ID: 905C182EF3E6C89109FFBD1B0C2E24BF
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 702B3860AA62A1BD0B2833262069CD82
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted&tc=1
Frame ID: BA0DC2774135126AE8396F075F1A4A84
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
Frame ID: 5CE7B66E2651231CCEBB1A3587408EEC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 41664AA79DA8F94630B4F48DD7D52F99
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 2119CEAB583197EE01D2AB997B8E06A4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/fc8d9096-0f56-4abb-a2ff-69394e9c0439&partner_id=1010
Frame ID: 642A8DCBB108633E07FB437281BA7894
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: D46C0ECBA5394CAC0B6B52A3B0FFAC8E
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: E405F466637E70DA686648747E462E63
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 34E7FDE9B3442BFC70A1A477FF6F4F93
Requests: 11 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Frame ID: 1596ECA8707E09EB8672FFCDAF277B95
Requests: 1 HTTP requests in this frame

Frame: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C8D6BDD1B91CB2DAFCD7B0E4DF2600F0
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs
Frame ID: 33C4A676AC90074B505B9D214B36B77E
Requests: 14 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
Frame ID: 78F00C9F488E00061B44858989FF7E45
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:39ab6397-0a17-4f00-915b-4af970bb99c0&gdpr=0&gdpr_consent=
Frame ID: 386BC83A2D94DEFE85B2CBADE2E5452B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=692755142150893309
Frame ID: C0BD7E22479345E3EA9D3C137B47E6F3
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8DE12792F1C9129C3181AA9ED769FBCC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 8EA2E3FD6F934C034E28B4431DB7ECC3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8565284698728386972&gdpr=0&gdpr_consent=
Frame ID: 07116A0BE287DE5697867574CD922A19
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/DD93BD3F-D315-4E92-ADC1-8C014848E39B
Frame ID: ABB1F66098D41648B76A2F1408E71B12
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 9AB5B42BD35A38DA939B1B36F83FD500
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C28189C3688E5143956CBE1BCB830254
Requests: 9 HTTP requests in this frame

Frame: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 961B53FBBE610EAEE90D0F960B5220D3
Requests: 9 HTTP requests in this frame

Frame: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C0C4BFA4C34FFD040B692637B9EF049A
Requests: 8 HTTP requests in this frame

Frame: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C8E0CBE7B73E85F1CA26F3A77CFD3497
Requests: 8 HTTP requests in this frame

Frame: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F0BF8FA2F43F6EFCDF1B122AD5408ED8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Frame ID: FA3BC46D8AAB40C50463405FB800968B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/index.html
Frame ID: 37AB42E8A0EA7B5CE8F32C30223FDCB5
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/index.html
Frame ID: 40E344D70EDB7F0CFD31EED91086D1CF
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: E57DB1E6A2A90878F46EC6CAD0727E00
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0D04112F8F8129E0771D75B7E44228CB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C6A74C22D01C9BCE8D21DD9EDB2EDF0F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E27E88898C3B6DE549BFA51F54E5839
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2123C2AB6ABA9C91C1E88C7E67BC98E3
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 810369495E5364EF398E13167A39BFB7
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E979C294B4133DF83765412D0164710A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 43EFD38DFBB733CE7662AE1C17017F58
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6A0479893E1562EE0B17675A2E3B1122
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 7EF3E92196806652A90666E9D3207066
Requests: 12 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: BB31A75258E5BCEEC77071508E9120ED
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AD63C933D30A979BDF568B58BE0EE245
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: B2486FB6D5AC76600549B3AA6B91F81A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 48A5DFDCFDC351C265311E53F1D6DDF1
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 974FAA3623AFDBD74D4EF6C098C05537
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670842903303
Frame ID: 7D6FA2EAC82C9E202819BCA0DE3FCC82
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1E358BD0D8CB73C4D8BB15725F02BACF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 534D77C6D58932D43CEA7A617B39FC25
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: B3D4D860BAC6BA4FF97D1CD4B2934635
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670842901773
Frame ID: C6A1CC21126F47A781753DD6F09DC6CF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5CFEFAA8C56A09BAFB460B4A57473BAF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A6B4555B0BFC684D758FF934642CF15C
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13421168
Frame ID: 00BD404434F97C2E82155A7791EF0BB3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 410CBC5339781F335CC411BA0E4EE408
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DF7943D52E0A0B28CCA72897887FD331
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=K0Ed8C0TFfAwSkKme0EJoihCHPYwFhz2eUT7AFjX
Frame ID: FE2A5CF72C69A0383BF4FD67FDCE0662
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176215633735710867&gdpr=0&gdpr_consent=
Frame ID: 633A38B27153E82108CB43B8B9973076
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OOy_Hp7DQvxiW6M3xYRcWLnVm6g
Frame ID: 017373699D3EF4626A4C3221A2A9AF15
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACHqU7HLhQAACBR-TR8Fw&gdpr=0&gdpr_consent=
Frame ID: 56E99B4B8025F4A827D9AFF916B6A912
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5cKFwADbRJdvQAF&gdpr=0&gdpr_consent=
Frame ID: 0B7421F28D94DE44AA2E33ED0A8D9625
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: CB8FDD3DE6CBD2A821E4F3895210C447
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 373161B1B3DBAF66A8434B990AAC7E43
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 5DF1120E2BDE639C6D800D0C8F779FAF
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 466D52CF6F614A4687CA137A313F3E84
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
Frame ID: C0EFB1D60D8BCC5FC62F6576B7187088
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
Frame ID: 585BA0A0EED76105D0DEE5CBD9DD0164
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
Frame ID: 4500B572FF0B91E0B8C23307E18A5530
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
Frame ID: E1E845E5A3FF10369D41211C13B886FF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: C28C1A290782EF6A2D30C252C0D49CBC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: ED5CED36F3EEE35E6FEECC2F37910E06
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 9CC1B8C766739791B3AC86236AF5AF6B
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 519BF68020A86D6688D88A8E5BDBDD21
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 6B0802F23F2F78BC65CE33FC6025B68B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 9917986124EE6E9542FBACD048C47C4F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 5F23FE72285CA47EA66B4A40C6DAA805
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Frame ID: F926A8523C79DDDD467AD1524FDD7AE0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Frame ID: F1035A6C8F2A9F61F063C5DA35D4BDBE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
Frame ID: B9307E11DE11B4F45BB83F67923C0676
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
Frame ID: 68D45D1A83AEE575FF37C49C5D033597
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: D6039356E5FBD47A1CF5A39C66A198C4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: EED06DC6BC33D25C2DC1F769F576190E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/30b1312e-0efd-40d6-b01f-c8fd19672a6e?gdpr_consent=null&gdpr=0
Frame ID: C204DA6D999F5602DC8ABCFB0318EE98
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/a31e22f6-2ef0-4b97-a8d8-038e9bbd604a?gdpr_consent=null&gdpr=0
Frame ID: B40B45E1909CD39FF69495D95845E0FF
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAX32BW87&fv=1&fy=37&ke=1&suylg=214%2C3007%2C292%2C3014%2C265%2C203%2C356%2C97%2C3012%2C282%2C141%2C225%2C271%2C291%2C272%2C178%2C108%2C82%2C295%2C159%2C222%2C109%2C175%2C274%2C38%2C3010%2C209&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: E4F27DC09E1323B03F905A5CB14CFBAE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sports.walla.co.il
Frame ID: A9A71292726410000AAA17C9CD64C348
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 2FBE0F01B3727A4D7A9028E035C35928
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: ACEB4B71B7D96FA142F3FB0FDCCC1795
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8778424044
Frame ID: 28FDFD752665D35C2D72CC85048AA245
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: FCE686A82FB929996F472861CC88F469
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 74B34006006806CC24D6652598A2DB72
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A91D39EFBE5A0B18DA7A9BDB81B719A8
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRjWSngSSUQhYVMjU
Frame ID: 88988B1A2E94B6DAACE02A12E92B3B33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1361B42BCE083A4D86AAAD70F0CDF42
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2CA3E60758C5F3B2AA8F827304CE04EC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! ספורט | חדשות ועדכוני ספורט, כדורגל ישראל ועולמי, כדורסל, NBA, תקצירים ותוצאות - וואלה! ספורט

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

569
Requests

91 %
HTTPS

33 %
IPv6

101
Domains

164
Subdomains

118
IPs

13
Countries

5816 kB
Transfer

14618 kB
Size

120
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=71c96c2e-28ed-46d5-8f22-c2128f32fb94&adnxsUserId=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D71c96c2e-28ed-46d5-8f22-c2128f32fb94%26adnxsUserId%3D%24UID HTTP 302
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=71c96c2e-28ed-46d5-8f22-c2128f32fb94&adnxsUserId=8565284698728386972
Request Chain 174
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/716c6e65df0474cf191366483e402d?gdpr_consent=&gdpr=0
Request Chain 177
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted&tc=1
Request Chain 178
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
Request Chain 189
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 190
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/fc8d9096-0f56-4abb-a2ff-69394e9c0439&partner_id=1010
Request Chain 194
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Request Chain 207
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCb7dTqXxCwCRisAjIISoN6P0GycxM HTTP 301
  • https://tpc.googlesyndication.com/simgad/9507606201371492950
Request Chain 215
  • https://c1.adform.net/serving/cookie/match?party=14&cid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
Request Chain 216
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:39ab6397-0a17-4f00-915b-4af970bb99c0&gdpr=0&gdpr_consent=
Request Chain 217
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=692755142150893309
Request Chain 219
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 220
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8565284698728386972&gdpr=0&gdpr_consent=
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ZO9P9MVTpKtwYwBSEjjmw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 223
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=19316397-0a17-4f00-993b-41dbe53bddbe
Request Chain 224
  • https://pixel.onaudience.com/?partner=214&mapped=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9c48ea886db35fc6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REQ5M0JEM0YtRDMxNS00RTkyLUFEQzEtOEMwMTQ4NDhFMzlC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENYg1v1ahn8imhaRLeCjXT8&google_cver=1
Request Chain 228
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=855927984755454507
Request Chain 267
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKpry6chIC_Fv7g7xTDvVwM&google_cver=1&google_push=ASkJ3FZjga2mcT16ZBpZag9WI7oE058JYBBADTCogQUQQZOibdjtq1goOZ4G0FeDQxqvN2WPaJ1XICoCes1aUo8jacCx7l7IrRY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZjga2mcT16ZBpZag9WI7oE058JYBBADTCogQUQQZOibdjtq1goOZ4G0FeDQxqvN2WPaJ1XICoCes1aUo8jacCx7l7IrRY
Request Chain 268
  • https://um.simpli.fi/gp_match?google_gid=CAESEAR97SmtJb7oGOZJSFJXZ4s&google_cver=1&google_push=ASkJ3Fa61MW_97_jkgGiAAVfdllPgX3PaGYKWdiBHLYao_e5yManSFatufQwAbpe6757nfNxIP5pNjdN9Rc5x5GMmF6RSMDdWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=61DA5620EAB5439EA8DCC690FDE41E98&google_push=ASkJ3Fa61MW_97_jkgGiAAVfdllPgX3PaGYKWdiBHLYao_e5yManSFatufQwAbpe6757nfNxIP5pNjdN9Rc5x5GMmF6RSMDdWA
Request Chain 270
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEILgvRascOv3yTPUFahbYSc&google_cver=1&google_push=ASkJ3FZ2NQOzSklL2sTd5mQEdph2_sBoyvvJXw0I3pbMZ4SNCdypcRTmqQ87nMO53Y6-O7RJUeahpdvV3tPmXGwNzJcgrJH5NsM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6a1j1ZfESl2ng-Ypei_TVQ2&google_push=ASkJ3FZ2NQOzSklL2sTd5mQEdph2_sBoyvvJXw0I3pbMZ4SNCdypcRTmqQ87nMO53Y6-O7RJUeahpdvV3tPmXGwNzJcgrJH5NsM
Request Chain 271
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIQLF-GzKZUa5lhx9VREBAw&google_cver=1&google_push=ASkJ3Fbd77mP6aWH2ZrOH_e19q30sD-65-FBImyPy5NoOjvgYyyB5P6TjNbsY9gwgng7zDy-kNLNNPq7DEu-1KDR_95wHW0tbLk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fbd77mP6aWH2ZrOH_e19q30sD-65-FBImyPy5NoOjvgYyyB5P6TjNbsY9gwgng7zDy-kNLNNPq7DEu-1KDR_95wHW0tbLk
Request Chain 272
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELXyDuRgbkO68-YfDEW0GSE&google_cver=1&google_push=ASkJ3FZ7zVvb14rlnl9rWZOwI7w9zdjpALlaxlFRi9l3KT4PweXOJkj4o9tptihivmNvGYggYSqOMEw18NiCUkBNjBr6F9LmvQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU1OTI3OTg0NzU1NDU0NTA3&google_push=ASkJ3FZ7zVvb14rlnl9rWZOwI7w9zdjpALlaxlFRi9l3KT4PweXOJkj4o9tptihivmNvGYggYSqOMEw18NiCUkBNjBr6F9LmvQ
Request Chain 273
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC7pW1_R7zrUUhzpZyfFuKk&google_cver=1&google_push=ASkJ3FZzaXCHJ6iAv3ftr9mWcgn_VLS_ldRGf_sSs9t6xfaXTqk8UCPd5L3pSHMoogquI_3g3SJ2SJW1KFA-dceYH1U_bZkzzQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLT1EyMEctQS1CNDJI&google_push=ASkJ3FZzaXCHJ6iAv3ftr9mWcgn_VLS_ldRGf_sSs9t6xfaXTqk8UCPd5L3pSHMoogquI_3g3SJ2SJW1KFA-dceYH1U_bZkzzQ
Request Chain 330
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAQIObNA0eAmdzilgda-ERE&google_cver=1&google_push=ASkJ3Fa6HdjwcfjkYv9rxT3FFLA06772txBkhAsIQhRR9jIBNfdZ93aQYsGZ8tdZzSoW8mF5CK5tBDAnAIptvYYpIjUuynqEeOR1Yw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAQIObNA0eAmdzilgda-ERE&google_push=ASkJ3Fa6HdjwcfjkYv9rxT3FFLA06772txBkhAsIQhRR9jIBNfdZ93aQYsGZ8tdZzSoW8mF5CK5tBDAnAIptvYYpIjUuynqEeOR1Yw
Request Chain 331
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJnef1Z7N8mfNalwz7dn_kY&google_cver=1&google_push=ASkJ3FZDUJx_c5lY0gfuDyAugZnOXGMr9_2wLPojKcZoCGv94bFkUCOM5AKv57S9LCd8lwdGmO918qDf3f85fvpkDu8Ko4W8XgyXdw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJnef1Z7N8mfNalwz7dn_kY&google_cver=1&google_push=ASkJ3FZDUJx_c5lY0gfuDyAugZnOXGMr9_2wLPojKcZoCGv94bFkUCOM5AKv57S9LCd8lwdGmO918qDf3f85fvpkDu8Ko4W8XgyXdw HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=80f72ff1-e5f2-4b43-a3e3-22415b24558e HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=80f72ff1-e5f2-4b43-a3e3-22415b24558e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=95c45a2a-91c3-4885-917f-64ae31716afb&ssp=google&expires=30&user_group=5&bsw_param=80f72ff1-e5f2-4b43-a3e3-22415b24558e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZDUJx_c5lY0gfuDyAugZnOXGMr9_2wLPojKcZoCGv94bFkUCOM5AKv57S9LCd8lwdGmO918qDf3f85fvpkDu8Ko4W8XgyXdw&google_hm=gPcv8eXyS0Oj4yJBWyRVjg==
Request Chain 333
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDrCwSsheH5eFznuX-36s0c&google_cver=1&google_push=ASkJ3FbvQy_-7T3BApfFJVl-1Y2hhGue7cvtwJm2DzD-OJ3q8xstbMvozUQqfHZMXre3UzSe3YDDD53z4P934tclauRdaHjqXd5uiA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ZO9P9MVTpKtwYwBSEjjmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbvQy_-7T3BApfFJVl-1Y2hhGue7cvtwJm2DzD-OJ3q8xstbMvozUQqfHZMXre3UzSe3YDDD53z4P934tclauRdaHjqXd5uiA
Request Chain 334
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECw-ANsG0hMmQHOs-ReZf5Y&google_cver=1&google_push=ASkJ3FZNT4jwIoCefD7c4hGdbjmoyIKMjrjP2BLtLfsTZ9Lq8yhYOU6tKPsOJod_w2hd4GMJVt7wx1_w0eQQGOCNQ2H6tw1X40BpYQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FZNT4jwIoCefD7c4hGdbjmoyIKMjrjP2BLtLfsTZ9Lq8yhYOU6tKPsOJod_w2hd4GMJVt7wx1_w0eQQGOCNQ2H6tw1X40BpYQ&google_gid=CAESECw-ANsG0hMmQHOs-ReZf5Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk2OTgxOTA3MzY3ODQwNzU0MjY2MQ%3D%3D&google_push=ASkJ3FZNT4jwIoCefD7c4hGdbjmoyIKMjrjP2BLtLfsTZ9Lq8yhYOU6tKPsOJod_w2hd4GMJVt7wx1_w0eQQGOCNQ2H6tw1X40BpYQ
Request Chain 364
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 365
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 368
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 403
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsports.walla.co.il%2F&domain=sports.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=FYRWanxaTmlLd3kzWGlyU25DQXE0eTd4djZXRGNtM1BlMkRqbFphMnFqelVGdjEwdlptMzRvSEdkZTJueTRZeVhwemFlaHNwYlNGZzRVVlUwMGdDVGU5ZWdYRERBY1BMS2lZQmNRalpoVDFKOC84UklOQTNkRTA2T1RkcVhKVCtqeTlYci9BVzhjVUhib1RVbTlYdWpISWpITS8rWDMvKzk0bVd3MW5seDJ4SEtvRlkwcWt3MlBPNzJzU2ROUFgzUmdSTDhQVVUwZlZlN2VVeE8rdkNidU00c1RzMWl4dStjZi9tM2pEQjB5SlRiaVdHL1Z3RUczcmVkb3ppdTRydnNiL0U2fA&cppv=2
Request Chain 437
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=K0Ed8C0TFfAwSkKme0EJoihCHPYwFhz2eUT7AFjX
Request Chain 438
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176215633735710867&gdpr=0&gdpr_consent=
Request Chain 439
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OOy_Hp7DQvxiW6M3xYRcWLnVm6g
Request Chain 440
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDSHFVN0hMaFFBQUNCUi1UUjhGdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACHqU7HLhQAACBR-TR8Fw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACHqU7HLhQAACBR-TR8Fw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACHqU7HLhQAACBR-TR8Fw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5489620644576826852&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACHqU7HLhQAACBR-TR8Fw&gdpr=0&gdpr_consent=
Request Chain 441
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5cKFwADbRJdvQAF&gdpr=0&gdpr_consent=
Request Chain 442
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&addseg=19,36,42
Request Chain 443
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DD93BD3F-D315-4E92-ADC1-8C014848E39B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DD93BD3F-D315-4E92-ADC1-8C014848E39B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 445
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B HTTP 302
  • https://a.audrte.com/p
Request Chain 446
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_6146d54b-dbd5-427a-856c-b3e2489be4a4&bsw_param=80f72ff1-e5f2-4b43-a3e3-22415b24558e&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 448
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PGo6u4RE2uWfZO653NClG.PhIDevMu8-~A&gdpr=0&gdpr_consent=
Request Chain 453
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5cKFwADbRJdvQAF
Request Chain 454
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB
Request Chain 455
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8646241924767986126
Request Chain 457
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF2cAKkhuQ8pELFqGu91OJ0&google_cver=1
Request Chain 458
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0c17a53b-481a-4014-9966-eb158a836c69&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=&gdpr_consent=
Request Chain 459
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF2cAKkhuQ8pELFqGu91OJ0&google_cver=1
Request Chain 463
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5cKFjx6FoJlUD-FCRKzuwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENWsxrPuRm1Fr-P3YfU1paM&google_cver=1
Request Chain 465
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y5cKFjx6FoJlUD-FCRKzuwAA%261199 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=57c24e7a-9e87-4347-8361-b4f81aa4d7b1-tucta908f99
Request Chain 466
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=eafefe5b-d6c3-d2e3-f9949c57
Request Chain 467
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8565284698728386972
Request Chain 468
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822730010533
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEETJ7Zqa86InBGBgsjtqqNw&google_cver=1
Request Chain 475
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RGDUk8oaQEyslWFRYmWmUg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RGDUk8oaQEyslWFRYmWmUg
Request Chain 477
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3CG35pkmT76McOplJxHapg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3CG35pkmT76McOplJxHapg
Request Chain 478
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6_BLkfHCJuS_7gXt_2YwuA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EqOP3iBE2oJXZVK1MLKIxW3ePJNCcpJeNhCkOw--~A
Request Chain 479
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGMzZjk3ODMzZjM1NWFhMDU0YTQ3YzE1NDViNDA5MmRhYTkxMTA2NA
Request Chain 480
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBKOQ20G-A-B42H
Request Chain 481
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLT1EyMEctQS1CNDJI
Request Chain 482
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
Request Chain 483
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
Request Chain 489
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
Request Chain 490
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
Request Chain 494
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 495
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 499
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Request Chain 500
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Request Chain 501
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=5e30d2b2-7a0c-11ed-bb0d-1ef5e1e50106 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
Request Chain 502
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=5e30d8f7-7a0c-11ed-b590-1342c0320306 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
Request Chain 503
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 504
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 505
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/30b1312e-0efd-40d6-b01f-c8fd19672a6e?gdpr_consent=null&gdpr=0
Request Chain 506
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/a31e22f6-2ef0-4b97-a8d8-038e9bbd604a?gdpr_consent=null&gdpr=0
Request Chain 543
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 544
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 545
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670842908447 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8778424044
Request Chain 549
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRjWSngSSUQhYVMjU
Request Chain 550
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=933753539 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DD93BD3F-D315-4E92-ADC1-8C014848E39B
Request Chain 552
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8646241924767986126&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 553
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a3d6a9b-67bf-442a-8080-60f7340c5205&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 554
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8565284698728386972
Request Chain 556
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=sports.walla.co.il&bundle=JqO4gl9oWmpWenhldHpQMGRqd2w4ckVZNnlpbXVCclZjTjZRbEUzY29TcSUyQmVaMyUyQmxxODZuVXREYUJvZHFNU3RUbVpPa212Q2VKWlZyM09yZG9TMFlrWXpraDAwekRGSVoyWU41NGhKN2FTNndIQjUzJTJCYVFsdkhURUtCbEdrbExYJTJCOUZB&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=9aPSuXxUSDZRR1Z3RFZQYkg5ZUd4LzRHWTVsQkpsQlVPa0EydUJRR0F5UExTcENITVV0NEVuZFVBeVhJTFdWdFkybDBuTHpTUEhneFNvU1pMS1AveU5pQUEwQ2d1WXJvd3MrWkptOURUU3oxRWRCdE1kUlNURUxKTXdpdVZ2U3YrdXNUaENvWjlHcjlMV0RpaGZDemMwVGpKT2dpTGJhaW1hVFgyY2lmSVcyNjhsbnVCUDBnMVZGWmczalBzUmdYQWdYVlZ5MkkwT2NsZTZJU0NVeGR3d2Ira1pSR3VoMHp4Z0xLUW9WR09XbWVBL0VqRlBiMjN5dFNmTStmcWtHTjF3ZEhHN1dIK2FJQjZWVExuSlBtZmt1bkQ2Zz09fA&cppv=2

569 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sports.walla.co.il/ 		551 KB
284 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e2a640a3b24e12fd43148482b1db1a340f05e881363a0aeb79cb2651652c2dcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Dec 2022 11:01:38 GMT
etag
W/"89d59-/eGVjRcgaPHtoHJdTYdtZqky3bU"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
x-amz-cf-id
WO1ZvJm6gMkgZ6-AU1mc2xxQJ6zCiC0GYzrM5n7HX2_5-qNSvNca3g==
x-amz-cf-pop
BOM78-P1
x-cache
Miss from cloudfront
x-cached
HIT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1419 / 726 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Dec 2022 11:01:38 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:d800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 10:43:28 GMT
content-encoding
gzip
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
1090
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0o1bHr_Ciw1Xp96KuoiWHxaa9hoyuE4ch26ih6SjajUUxXLOW--8ag==
expires
Mon, 12 Dec 2022 12:43:28 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 11 Dec 2022 15:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Dec 2023 15:34:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		910 B
929 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sports.walla.co.il
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0946ed06195f9cd38ab578e27a2bd12166e5f957670646d3b722693a57f8239a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
293
x-xss-protection
0
expires
Mon, 12 Dec 2022 11:01:39 GMT
mobile.svg
sports.walla.co.il/public/assets/logo/ 		1 KB
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/logo/mobile.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"437-18505ede190"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
9y5S-AyNS0W245QYZ4V9exKBJyacfxDH1AsIsJixdQ7hCwHv85DHow==
x-cached
MISS
logo_new.svg
sports.walla.co.il/public/assets/logo/ 		1 KB
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/logo/logo_new.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"4bf-18505ede190"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
Ykc8ohNEoDrR_rbWn-60DcrHaD2x_c_thwdUi1P6NlE7MI1RLqxsVQ==
x-cached
MISS
new-logo.svg
sports.walla.co.il/public/assets/homepage2/ 		1 KB
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"492-18505ede190"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
TzSQOBaJgC0A1P6RzSVcNV84_LGA3SQL6evKnCB1d-YgsIBodKkcIA==
x-cached
MISS
yad2.png
sports.walla.co.il/public/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/yad2.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"488-18505ede190"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1160
x-cached
MISS
x-amz-cf-id
G0LyUqOWlwlgrRqWjXRc145MDlk6VLF0Aqr9CXPEly5BZ-dPOxwL6g==
allay-icon.svg
sports.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"c00-18505ede190"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
fPGOcoiStyQUUBtW_ctbHgHs-Zn7v9IOkEYQI0D2V5gME7p_6O1jig==
x-cached
MISS
vod.png
sports.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/vod.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"4a6-18505ede190"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1190
x-cached
MISS
x-amz-cf-id
E5gIdnuFbpgaxO-byqS7LDvBBvSjXvdOqjEicT6kVFbhuqb1R__LnA==
3454685-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/4/5/4/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/4/5/4/3454685-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
e6f0df4d92328d2d1ae7e69b35122a3424fbaf1aebb970528f69e0ea8f8440c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 10:59:39 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
120
edge-cache-tag
133558322983205883428136256238521779171,325240592619059456640567246033780590469,d2bce9e04f88d43dd8350e859c701704
cache-tag
133558322983205883428136256238521779171,325240592619059456640567246033780590469,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
54878
x-request-id
51a5e0ea56595927ac8e3176c831c9e8
x-served-by
cache-iad-kiad7000021-IAD
last-modified
Mon, 12 Dec 2022 10:59:40 GMT
server
cloudinary
x-timer
S1670842779.308555,VS0,VE356
etag
"c38857c9e58f2a03cf626577e13bb409"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
HSGiN3mU6FEaJPoaBbFC0XGE1lBWAii_CFboFIIAHHJJNfdVEg0Yvg==
x-cache-hits
1
3453807-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/5/3/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/5/3/3453807-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
ca746e5e6037fae3b1ffdab3a61e895d2b9020cf793043748b01cae12fdbace1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:40:46 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
8453
edge-cache-tag
415510246809840262451097681008745639554,296669085930173046018955570404530009042,d2bce9e04f88d43dd8350e859c701704
cache-tag
415510246809840262451097681008745639554,296669085930173046018955570404530009042,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
16860
x-request-id
7fca6a784cc7b01d22d237494ce05dd2
x-served-by
cache-iad-kjyo7100147-IAD
last-modified
Mon, 12 Dec 2022 08:40:47 GMT
server
cloudinary
x-timer
S1670834443.910300,VS0,VE3843
etag
"496ccd5c9cb5eb61b494e093a6f6b1a0"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
S4epa7ufmmLFPZxvBg7H85Llhig9HCdEKaaX2x8nq-2rkgW-Hj_Sjw==
x-cache-hits
0
3469378-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/6/9/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/6/9/3469378-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
0dd94ee3e53c0f3a41f4a92c8d3d6a83a83a23a0d2b5b49b90f033b6c137199b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:57:19 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
3860
edge-cache-tag
213971548125585374824389145347080374891,296669085930173046018955570404530009042,d2bce9e04f88d43dd8350e859c701704
cache-tag
213971548125585374824389145347080374891,296669085930173046018955570404530009042,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
7057
x-request-id
41711f012ceccbb4776a91fa7dc73878
x-served-by
cache-lga21954-LGA
last-modified
Mon, 12 Dec 2022 09:57:20 GMT
server
cloudinary
x-timer
S1670839035.379147,VS0,VE4340
etag
"b405edc590dc85d69b63ba4e450aa24f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
PgU1xZ2r9ghnkp5rbMyrGE0FJkQFY1laS0pjIHVxpr9l6ZTEJo_iig==
x-cache-hits
0
15956.png
admin.teleline.co.il/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/15956.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
453c37f8cd9c438b20aa1e7f731cda4e242cdb4b6895a43aefd96d349f699a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:38 GMT
Last-Modified
Mon, 05 Dec 2022 11:09:52 GMT
Server
Microsoft-IIS/8.5
ETag
"12c45f199a8d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
13812
103.png
admin.teleline.co.il/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/103.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b5210f1d7206a786e8341469931625f6060842d886788cb43b55f42294be378a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:38 GMT
Last-Modified
Thu, 18 Jan 2018 00:23:00 GMT
Server
Microsoft-IIS/8.5
ETag
"08a87ff28fd31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
4739
123.png
admin.teleline.co.il/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/123.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
116b6f141db28cff484f08934a55a22f69abe067dc42f80aeadac811965bb8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:38 GMT
Last-Modified
Thu, 18 Jan 2018 00:23:00 GMT
Server
Microsoft-IIS/8.5
ETag
"08a87ff28fd31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6141
15964.png
admin.teleline.co.il/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/15964.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
83efd0b9101c6f59e129f081c28b3c1c50007c2e8c5a3fdeb0a37758655a4827

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:38 GMT
Last-Modified
Tue, 06 Dec 2022 05:54:54 GMT
Server
Microsoft-IIS/8.5
ETag
"2d3e4f43379d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
12392
15957.png
admin.teleline.co.il/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/15957.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a30a0ed9ed6037e109da9e6a8ddbdc3db176b93d79f9f83878839f5e6d880d70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:38 GMT
Last-Modified
Mon, 05 Dec 2022 11:10:56 GMT
Server
Microsoft-IIS/8.5
ETag
"c01a863f9a8d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
13968
109.png
admin.teleline.co.il/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/109.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2542685bdd4814ff0d7ea2a6b89c3bd56dc88534724d5a47ab45a0f3323b392f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:38 GMT
Last-Modified
Tue, 04 Aug 2020 01:21:44 GMT
Server
Microsoft-IIS/8.5
ETag
"a83c19dfd69d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
7197
15958.png
admin.teleline.co.il/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/15958.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c7e3580052b11fcefbab0412466ccdd7e81e3fd18bfb0814d078a6392deae99d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:38 GMT
Last-Modified
Mon, 05 Dec 2022 11:11:36 GMT
Server
Microsoft-IIS/8.5
ETag
"4d7fa579a8d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
9542
102.png
admin.teleline.co.il/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/102.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5c44026d9ccdf5aaa1ab7153bbe052940141b1adf41b4903d0ae5ff330166b37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:38 GMT
Last-Modified
Tue, 04 Aug 2020 01:28:14 GMT
Server
Microsoft-IIS/8.5
ETag
"27e7d86fe69d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
3992
banner_liga_mobile_new.png
sports.walla.co.il/public/assets/sport/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/sport/banner_liga_mobile_new.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d60e5e5cee573ca477e287973d2737f79f2229c24320f830db23df1dd368bbe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"7d82-18505ede190"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
32130
x-cached
MISS
x-amz-cf-id
gKhFIUoCslyKr_jLIDlC4KDR53D1P7NZRQyutZRh7LwRpjBLmlcrVw==
walla-v2-prod.js
cdn.valuad.cloud/hb/ 		907 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
affa20d6b1d7f21dbbe6619e9f5c0af11d05bb7035a1bf8417164784871f2e15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 11 Dec 2022 09:25:56 GMT
x-amz-request-id
tx000000000000048fc763d-00639606d1-2b9ea74d-fra1a
etag
"8e6d92abec4c0476dcaadb4b4dcac567"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1670842899.dop150.am5.t,1670842899.cds149.am5.hn,1670842899.cds259.am5.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
250171
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:39 GMT
Content-Encoding
gzip
Age
1031
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29221
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (frb/6724)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
v2vddpEasB0f4njHXiLQzkZuIxPoA-0T8nOJvfAVmJ20JOk1Ls1o4CSA
expansioneggnog.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expansioneggnog.com/v2vddpEasB0f4njHXiLQzkZuIxPoA-0T8nOJvfAVmJ20JOk1Ls1o4CSA
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d730dcd2122a4f733add44430011068b6a7d7f0f79ecb58e748fe8c715b5bbe3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 12 Dec 2022 11:01:39 GMT
x-datacenter
gce-europe-west1
etag
"fed60d38c875815a3d06630eed0807fd41410ca2077e9e21f330b32d9170b548"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-m8j1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
www.googletagmanager.com/ 		405 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
46044cb363a908423cdb89ce7e605085029e6d1e43342026d8571a919ce8793e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84901
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Dec 2022 11:01:39 GMT
gtm.js
www.googletagmanager.com/ 		480 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c39d3a763fff789411250d8802b710a3f41424f785bde603839f3d1cd49b6b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66328
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Dec 2022 11:01:39 GMT
gtm.js
www.googletagmanager.com/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
632f74961d040e5981516eb5099e659d751f5ba359e83d01538116a8478e7fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47546
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Dec 2022 11:01:39 GMT
wallawb.js
cf.dxmcdn.com/dta/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/wallawb.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ce00:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
content-encoding
gzip
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
date
Mon, 12 Dec 2022 06:41:14 GMT
last-modified
Sun, 29 May 2022 13:46:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
15677
etag
W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5eSZfmg_qBHR1Og_02qOtCy47g6LzhxTS1C_0JDDKw70Jtxnj1JdVA==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:d800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:26:35 GMT
content-encoding
gzip
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
5704
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
EPlsJsMrBpgxFSrpgzhacgLg7rzHrga6x9IlZvE2Z4yLoA_wy5nR9w==
expires
Mon, 12 Dec 2022 11:26:35 GMT
almoni-neue-aaa-600.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"e954-18505ede190"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
HVDYjbSD7FraU9xkTXOYxNRnVILqn40VUeJZo6V308dpQw33yUtylg==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		160 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=sports.walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a215c07deba855d94751d7693c5867d2ffa8955137fddf4588004c29977d57d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
11
date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
977
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
128
x-served-by
cache-hhn-etou8220076-HHN
x-timer
S1670842899.369796,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 10 Dec 2022 10:45:22 GMT
icon-mail-empty.svg
sports.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"5f6-18505ede190"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
fp7RGk0ZEJIHT6RxMB_KYIvF-Axs4iYTDmo7QaDJXAQjswC0JoD37w==
x-cached
MISS
walla-sprite.svg
sports.walla.co.il/public/assets/icons/ 		19 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"4a05-18505ede190"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
BWO_0osNH2Bc42fy89RwM4WZAa7AGMw-4KUoCX8wAFaVFtC16TPWPg==
x-cached
MISS
almoni-neue-aaa-900.woff
sports.walla.co.il/public/font/almoni/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-900.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
75ccb11e22d3f2e3475ada74631301c9071a94fb903877a28fc46875b9cfd063

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"ef18-18505ede190"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
61208
x-cached
MISS
x-amz-cf-id
ywvj3i1u2Q1fbOpMeQUAkhxVUfgeD6PFSNeGeHcubA57qK0y_-VnAQ==
almoni-neue-aaa-500.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"e7c0-18505ede190"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
HIT
x-amz-cf-id
YmjqQLklYte26qspmaS22xW8CFhH3YW4iU7yLKsKlWISQSnazw4AKQ==
almoni-neue-aaa-700.woff
sports.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"ea00-18505ede190"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
HIT
x-amz-cf-id
nwsBepLOm4HUjEPiOe2VQaYlrUpaxSEiFduZQQnwOStuSW52QqytAw==
almoni-neue-aaa-400.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"e770-18505ede190"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
AttRZPQm0oWIHyIYCwcU7EZnVKEvkO6UMjQBlOLEI918E_Nc7SmI2g==
wallaicons.woff
sports.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"3bdc-18505ede190"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
bGjaPnyEX2J-ua7bHDtoJJmiU7b47PVJ88JzJMVMAlu6E-Ou4DSBcQ==
almoni-neue-aaa-800.woff
sports.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/font/almoni/almoni-neue-aaa-800.woff
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a

Request headers

Referer
https://sports.walla.co.il/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"e65c-18505ede190"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
58972
x-cached
HIT
x-amz-cf-id
qf2yjl8KDgvBLSKlwi4aNQcpmdjG5Cyn5uUFMioBh5-8Wb2IsgE8Cg==
new-logo-walla-negativ.png
sports.walla.co.il/public/assets/icons/ 		636 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"27c-18505ede190"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
636
x-cached
MISS
x-amz-cf-id
PG4Kp1ewrQKbfFWqk1otMYTwbZASFCgLApiYymyj2objEsB6PajNUg==
sponsors-logos-sprite2.png
sports.walla.co.il/public/assets/icons/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/icons/sponsors-logos-sprite2.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1ab50ee880257c71537296b3c205b390186e2ab6ec764b5c35f5955ded1f2dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"11b7a-18505ede190"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
72570
x-cached
MISS
x-amz-cf-id
UQ4LaR-oitcJJeYisZQjfVhTmotIqDEtV5RfI8h5X1912EmSPfPtjw==
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-12-12
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:5400:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
011c408b7ff25c35efca452bf1637f1c694a6204b7b64cec169449bea7069fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:49:55 GMT
x-amz-version-id
Nd8.dF1Wuu9bRIdfz7lkbOzhk4FRfg.s
content-encoding
br
last-modified
Thu, 08 Dec 2022 18:40:09 GMT
server
AmazonS3
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
etag
W/"9ac4e5d61a9aafb5f4fcfc97d1518794"
age
4305
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
IN6kkslonYCSeJ51A1kAmbPBIku-yXXiy1LVOxViepALDcN7-_G4Qg==
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 12 Dec 2022 11:01:39 GMT
server
Google Frontend
x-cloud-trace-context
913cc46571b27d9205842c72fb6ed090
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
x-request-id
2b56b5b2-047e-46cf-ad3b-2d980044e8ff
x-vad-version
0.9.13

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
x-cloud-trace-context
2c2e225e32958aaa599dcbc72b43ed5d
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
map-id
ledger.crowdad.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=71c96c2e-28ed-46d5-8f22-c2128f32fb94&adnxsUserId=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D71c96c2e-28ed-46d5-8f22-c2128f32fb94%26adnxsUserId%3D%24UID
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=71c96c2e-28ed-46d5-8f22-c2128f32fb94&adnxsUserId=8565284698728386972
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=71c96c2e-28ed-46d5-8f22-c2128f32fb94&adnxsUserId=8565284698728386972
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Server
34.241.12.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-12-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:39 GMT
AN-X-Request-Uuid
91b93701-4b8e-445b-8ca2-1e30ee0395e2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=71c96c2e-28ed-46d5-8f22-c2128f32fb94&adnxsUserId=8565284698728386972
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
handshakes
khn.crowdad.io/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.214.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-214-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Mon, 12 Dec 2022 11:01:39 GMT
access-control-allow-credentials
true
content-length
0
handshakes
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.214.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-214-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://sports.walla.co.il
content-length
0
date
Mon, 12 Dec 2022 11:01:39 GMT
aax.js
c.aaxads.com/ 		389 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAX32BW87&hst=sports.walla.co.il&ver=1.2
Requested by
Host: expansioneggnog.com
URL: https://expansioneggnog.com/v2vddpEasB0f4njHXiLQzkZuIxPoA-0T8nOJvfAVmJ20JOk1Ls1o4CSA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72beb77d56d1848987505eb6ea65eca1e5b030a670dd32ac2c37747e2eb136a3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Mon, 12 Dec 2022 11:01:39 GMT
server
Apache
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Mon, 12 Dec 2022 11:31:39 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Dec 2022 09:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5819
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 12 Dec 2022 11:24:40 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa4351a3775574c5342ae19fd741450aa267a2a8c539e1e717dad3dd5ad71af5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78939
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Dec 2022 11:01:39 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Dec 2022 11:01:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27317
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
NZ/WQ362Xd4ZfQfQZX3XsSSeQyreJTS8Th7waZkjICCaLv2JKoJA1nT4kXFKCCHQ+7cNW3T9MZ3Z6RRizLgFMw==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget-c.js
d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/ 		745 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/widget-c.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-123.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8099a196b2170630895f07f2cfe3300a710f47f9f15aa5a574e44237cff91619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 08 Dec 2022 03:47:24 GMT
Via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
Last-Modified
Thu, 09 Feb 2017 14:13:37 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
371656
ETag
"ddea3a811593486529ca061aaabe4dee"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=29030400, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
745
X-Amz-Cf-Id
UQ0Adlck4infOaebNC1JF9Msr91DIQgwiVKBb7QuCPX-HfAWY266Zw==
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dca088c714bf9fa08a31314afdb74a7ce559ca63af88ed50862d73fefc9de3cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79012
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Dec 2022 11:01:39 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1245572/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9368470c284c8f61e7411a81029d349fd86a5cfd46f381a528b5c7bc37d5274c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
0c3vTqaMcdwlEgMXYLiiwqbTZU.91YmZ
content-encoding
gzip
via
1.1 varnish
date
Mon, 12 Dec 2022 11:01:39 GMT
x-amz-request-id
ZBBEBA14NA5TWX8E
age
4
x-cache
HIT
x-amz-replication-status
PENDING
content-length
18113
x-amz-id-2
0M8S6O7rZXurUKCPc2SyipDLIlasVH3EsUlIU1L3nb35/1pxBy9k4ewm8BzXeE6QS+X+OM644sk=
x-served-by
cache-hhn-etou8220071-HHN
last-modified
Sun, 11 Dec 2022 11:43:25 GMT
server
AmazonS3
x-timer
S1670842900.672043,VS0,VE0
etag
"5d01fc5709ad28d319d605eebbbc3618"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
89
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
2
pxusr.gif
c.aaxads.com/ 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
strict-transport-security
max-age=604800
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
content-type
image/gif
cache-control
max-age=479505
accept-ranges
bytes
content-length
43
expires
Sun, 18 Dec 2022 00:13:24 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.185.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-185-101.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:39 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=684493
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 20 Dec 2022 09:09:52 GMT
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L30GH6X3WK&gtm=2oebu0&_p=319267692&cid=361128423.1670842900&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670842899&sct=1&seg=0&dl=https%3A%2F%2Fsports.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cf7b6880b8ed23941e1195de247f4f3339bd63ed14dbb0802407fb0b9e6a2a7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Dec 2022 11:01:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86420
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
7NoK/rQIF0UDU+WQOVvUkFjwd7prYqkIQc4mERim92JyrLB4GiYP1PX3gIT0FPl+/nl6uklA0UT4Sd6BxWsY2g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
trc.taboola.com/1245572/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1245572/trc/3/json?tim=1670842899787&data=%7B%22id%22%3A792%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670842899781%2C%22cv%22%3A%2220221211-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drtbee-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670842899786%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A21%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
245ca59584797c0142e320819fb75cd4b70816e10020dc0a7b6562fc5d4cdc72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
13
date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220071-HHN
server
nginx
x-timer
S1670842900.800045,VS0,VE13
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
widget.js
d2muzdhs7lpmo0.cloudfront.net/ 		0
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2muzdhs7lpmo0.cloudfront.net/widget.js?id=19762286&secure&9282461
Requested by
Host: d29k50lkkhkjby.cloudfront.net
URL: https://d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/widget-c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-146.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:00:56 GMT
Content-Encoding
gzip
Via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
Age
43
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache="set-cookie"
Connection
keep-alive
Content-Length
20
X-Amz-Cf-Id
XID3aPEXv5ruHASme8QPPRgPkBapD5pPb0dNyEAvYz_PJNZvFMj0wA==
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oebu0&_p=319267692&cid=361128423.1670842900&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670842899&sct=1&seg=0&dl=https%3A%2F%2Fsports.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
l3.aaxads.com/ 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=158&dgw=desktop&flg=AAX32BW87&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=sports.walla.co.il&vhuyqdph=ssp-serving-fc9f964b7-x4cll&vyu=120810_499_120810_470_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001670842899677031177838085120&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=0&gdeg=2&ghqg=156&fhqg=23&hqg=51&gvwduw=23&fvwduw=22&vwduw=23&uhtxuo=https%3A%2F%2Fsports.walla.co.il%2F&nzui=
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 12 Dec 2022 11:01:39 GMT
content-length
35
content-type
image/gif
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=319267692&t=pageview&_s=1&dl=https%3A%2F%2Fsports.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1914307373&gjid=469891692&cid=361128423.1670842900&tid=UA-249518521-1&_gid=1553134785.1670842900&_r=1&gtm=2wgbu0KL6PRJM&z=500322610
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=319267692&t=pageview&_s=1&dl=https%3A%2F%2Fsports.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1527090395&gjid=392033911&cid=361128423.1670842900&tid=UA-4780630-1&_gid=1553134785.1670842900&_r=1&gtm=2wgbu0T728TH&cd1=&cd2=3&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%A1%D7%A4%D7%95%D7%A8%D7%98&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fsports.walla.co.il&cd116=0&z=1152244005
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
sports.walla.co.il/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:45:32 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"2d69-18505f098e0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
8BDzdQQitjppdHd0mZpfneBfP1NMBVSdbhbBlVbMCchLW1nZOjgl0g==
x-cached
HIT
462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
sports.walla.co.il/public/ 		309 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f48a26731c5bedb73f2c65bc3537c096ee30acd40dc1dbc52ab9dc0c7300c28f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:24 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:45:32 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
age
15
etag
W/"4d5fa-18505f098e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
HyHGnxrbtdQ0tpcrG-SOT9IT-di-Tv3LL4gzfS0lkuWK2tvXMOOZrQ==
x-cached
HIT
main_44772cd8991425e27082_44772cd8991425e27082_walla.js
sports.walla.co.il/public/ 		1 MB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/main_44772cd8991425e27082_44772cd8991425e27082_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8c3d1ba45d367c1698cf9f110fecaaf98d63d809f893dd6f860ef4b899a7fbaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:24 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:45:32 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
age
15
etag
W/"1207a9-18505f098e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
YG0nYVmAYkKHh3E4AL-WUSqMbwcxNTzu06WezexssGeXv4VhUiRNuQ==
x-cached
MISS
252_ac6585b8615b80eee9bf_ac6585b8615b80eee9bf_walla.js
sports.walla.co.il/public/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/252_ac6585b8615b80eee9bf_ac6585b8615b80eee9bf_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
2d9e5ddf3350ffa9ce25db3270c54cd041adae212f17de412da84479c904abb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:45:32 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"4b23-18505f098e0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
5PfQOO33my7_x6y7JufPUO6CoD3m-r7Vki0md6PIpdnJZgbASdAOzA==
x-cached
HIT
697_8163e46e6fb20e02b411_8163e46e6fb20e02b411_walla.js
sports.walla.co.il/public/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/697_8163e46e6fb20e02b411_8163e46e6fb20e02b411_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
92d40c64adf6eead5c9323786ab19e5e2f761a678032467f146df24646346790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:45:32 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"da63-18505f098e0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
zQxkRk7k4YFJXTQe4ToO0mImuz83A_qWcI_sEdeE83_WIVqv6pqa5Q==
x-cached
HIT
517_5873b7e3df9fda841e8c_5873b7e3df9fda841e8c_walla.js
sports.walla.co.il/public/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/517_5873b7e3df9fda841e8c_5873b7e3df9fda841e8c_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d2686979b1036a0518e40be3006b757e4458f82c81db3aebd7b990055cdf6ed4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:45:32 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"49f6-18505f098e0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
AjoeyjknmFpOaLjqzGMVZbHJhjT_51k4Pc8QDTSPpcd_XG6jVMpUcw==
x-cached
HIT
vertical_857fc10f4dcf7c6e89d5_857fc10f4dcf7c6e89d5_walla.js
sports.walla.co.il/public/ 		400 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/vertical_857fc10f4dcf7c6e89d5_857fc10f4dcf7c6e89d5_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
6fb4fb2015c1c18b6a31e89e3057ee75babd27b71692b345e227adef072fe025

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:45:32 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"64191-18505f098e0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
E5CMsizraaSQIEcn3N-7rTlEIaTd1y2oeE7A3SPBz42KslfnxBXH9Q==
x-cached
HIT
outbrain.js
widgets.outbrain.com/ 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f746862b22dfaa4db9e0514bfe936d41c93e1d82a97560976c929a2ba15ad4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
last-modified
Sun, 11 Dec 2022 14:58:50 GMT
etag
"15-Ia2Av8AqhN2T0mMOMXgJiqcc+iI"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
ac2f91e781a5f7a0b5c0ca92ebc01205
timing-allow-origin
*, *
content-length
76856
170717926997655
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d08674bea66a3581266ce9ab2b7b598e25945bfb9da5abbe8ff2cbda0cb96cb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Dec 2022 11:01:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86301
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
BkdfUwpitysUIWUnGZnPh4TPzWbumJG9R0RJ9LNlvD57xiiq1A525nqBiPn8HFKTAPacc25PoQDK76F0APumNw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fsports.walla.co.il%2F&rl=&if=false&ts=1670842899928&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1670842899926.1855343791&it=1670842899780&coo=false&rqm=GET
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 12 Dec 2022 11:01:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
skeleton.js
static.adsafeprotected.com/ 		17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: expansioneggnog.com
URL: https://expansioneggnog.com/v2vddpEasB0f4njHXiLQzkZuIxPoA-0T8nOJvfAVmJ20JOk1Ls1o4CSA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
14202040
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
JqrbMwYqiDen_HpMqL4dtGgffWizH0SnU6w8EIvQYe6RH5IcRQRUJg==
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame 23BB 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fsports.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
365332
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Dec 2022 11:01:39 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668B)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 11:01:40 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4780630-1&cid=361128423.1670842900&jid=1527090395&gjid=392033911&_gid=1553134785.1670842900&_u=YADAAEABAAAAACAAI~&z=1375601979
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 12 Dec 2022 11:01:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=Di22MDCpTlg1CrBYjD&d=sports.walla.co.il&g=20047&g0=%D7%A1%D7%A4%D7%95%D7%A8%D7%98&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5635&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fsports.walla.co.il%2F&b=2165&t=CHQZXXCX1EDjDfppIfBGCdfBD-kHjp&V=139&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&tz=0&sn=1&sv=vaTFuBseCUUxcSbPD4l7DYChBsoQ&sd=1&im=061b0fff&_
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.108.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-108-72.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:40 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
settings
syndication.twitter.com/ Frame 23BB 		980 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=ca91a92f43fe1c801f633d23017233bc4a80bfe1
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fsports.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
0809dce74d140cdb75918db36517dfca9fee927aa704fd47ee48432aee8986b5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
108
date
Mon, 12 Dec 2022 11:01:39 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 12 Dec 2022 11:01:40 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
c52ff4eceb2a7089
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
4f0d4febc414ccebb9ec5809403d83440898ff3be76c439b6fb4198b08321b13
content-length
386
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 11 Jan 2023 11:01:40 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=361128423.1670842900&jid=1527090395&_u=YADAAEABAAAAACAAI~&z=894496231
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=361128423.1670842900&jid=1527090395&_u=YADAAEABAAAAACAAI~&z=894496231
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fsports.walla.co.il%2F&rl=&if=false&ts=1670842900094&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1670842899926.1855343791&it=1670842899780&coo=false&rqm=GET
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 12 Dec 2022 11:01:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
v2srkmoygs1yM7hHZOXiWk9S39roiZFZR1fMZFBOQKV3lNYKo9f0rNKDcpDTaWeYab1AeEBJH
expansioneggnog.com/ 		191 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://expansioneggnog.com/v2srkmoygs1yM7hHZOXiWk9S39roiZFZR1fMZFBOQKV3lNYKo9f0rNKDcpDTaWeYab1AeEBJH
Requested by
Host: expansioneggnog.com
URL: https://expansioneggnog.com/v2vddpEasB0f4njHXiLQzkZuIxPoA-0T8nOJvfAVmJ20JOk1Ls1o4CSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
32b96fde9686a7d6d85ee27f0d654d0e572da22e3bf6e1d0c90837d8c4d17790
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 12 Dec 2022 11:01:40 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
x-hostname
fen-hoothoot-europe-west1-spot-m8j1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 12 Dec 2022 11:01:39 GMT
horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
6da7d8315fee3652e18b177b54485b45bb90222d001b4c6488fb4e19e498d591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:40 GMT
Content-Encoding
gzip
Age
387433
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2977
Last-Modified
Wed, 02 Nov 2022 19:36:52 GMT
Server
ECS (frb/67D3)
Etag
"be517337a860b30e72096680d8dde0eb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embeds
syndication.twitter.com/i/jot/ 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670842900201%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=ca91a92f43fe1c801f633d23017233bc4a80bfe1
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
112
date
Mon, 12 Dec 2022 11:01:39 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 12 Dec 2022 11:01:40 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
09d0efa75c05c6ad
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
4f0d4febc414ccebb9ec5809403d83440898ff3be76c439b6fb4198b08321b13
content-length
43
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1670842900206&cv=9&fst=1670842900206&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsports.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
328381785b397ae40b1a126385ebe46b78eec6d1d91d8b99bf43b8a22ba44705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
986
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.48.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-48-97.eze50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 10:11:18 GMT
via
1.1 2ee9a973245ee110bff6037af5589b14.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
x-amz-cf-pop
EZE50-P1
age
3022
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
4240
x-amz-cf-id
Ja5BNwNYt3JE10P_fkeugWeyN7lbw5qAD2Y0iz8mD8HmMcvULzXzjw==
expires
Mon, 12 Dec 2022 11:11:18 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cbe5c66dc036814dde662f21f08b8c7927cb241eca401d936521a46a65153627
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 10:43:25 GMT
content-encoding
br
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:43:25 UTC
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P2
age
1095
x-powered-by
PHP/8.0.14
etag
W/"5fbc3f7f5224ef33bc3d997d099cb5b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7J-IGtwcJd4YEDoXC0MUriZt-jYUXAdLGMu-QmQ5fxqq472AQz1ynQ==
x-xss-protection
0
list2
syndication.twitter.com/srv/timeline-list/screen-name/WallaSport/slug/ Frame 3EF2 		0
0
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Dec 2022 19:03:18 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 11 Jan 2023 11:01:40 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=88153
accept-ranges
bytes
content-length
82748
expires
Tue, 13 Dec 2022 11:30:53 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7785f6a20f8e922c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
www.facebook.com/tr/ Frame 3204 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sports.walla.co.il
Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://sports.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:40 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
spc_fi.php
cdn.firstimpression.io/delivery/ 		59 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=6960&url=%2F&charset=UTF-8&ch=11&ref=sports.walla.co.il&viewerId=null&referer=&_firid=81827283
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
ae4ca0b368e2c4adac01d76740c47a188a5eb4eb18f80a60aa9f7dbdde773e32

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:40 GMT
content-encoding
gzip
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
GfbzYn0m5zbIWm_kTwxG4W-ZxehWAr28glrW-tH9X7-E8UdVzZo3wA==
expires
0
/
www.facebook.com/tr/ Frame 4121 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sports.walla.co.il
Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://sports.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:40 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
452_26dc5e427d85df112ddb_26dc5e427d85df112ddb_walla.js
sports.walla.co.il/public/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/452_26dc5e427d85df112ddb_26dc5e427d85df112ddb_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/public/main_44772cd8991425e27082_44772cd8991425e27082_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1305b2f052d8eaa0fa1e83f15dfbe15cb58cdff54c44a3a24daa273e2e523a75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:27 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:45:32 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
age
14
etag
W/"1eaa7-18505f098e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
kpRoL236DS9aYblw8kHWPlu3YESMdjXecMECraS6pcCcikTGZUJAHQ==
x-cached
MISS
PikudInner_bb9f77b480edaf21f1e3_bb9f77b480edaf21f1e3_walla.js
sports.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sports.walla.co.il/public/PikudInner_bb9f77b480edaf21f1e3_bb9f77b480edaf21f1e3_walla.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/public/main_44772cd8991425e27082_44772cd8991425e27082_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
2d4b858c0e7906266e5342c077cb13a45cc546c1c678da9ca63a13a0940a7a7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:27 GMT
content-encoding
gzip
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:45:32 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
age
14
etag
W/"cfd-18505f098e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
fTBJIZDlP91_Vu1YVCrRIip8eHPKUQEVwkE4UM3ZtRSyPdSqdOo93w==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1419 / 481 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Dec 2022 11:01:41 GMT
close.png
sports.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/ads/close.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:34 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"46c-18505ede190"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
HIT
x-amz-cf-id
5UpJbX_ygQOhx-SKqPyioMlYYxE116k9cyruy_fBIMDt0RXgwFIAKw==
2985378-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100/2/9/8/5/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100/2/9/8/5/2985378-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
65d9e72ebeecfa8b01ad52b65a45e2353326128b66a5777ebd7d10e789d4318a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:12 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144089
edge-cache-tag
332508796881959300068192273446983259348,118519378832773994244486914428125665886,d2bce9e04f88d43dd8350e859c701704
cache-tag
332508796881959300068192273446983259348,118519378832773994244486914428125665886,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
5485
x-request-id
053e009ab182d0e560eed7c68e9e38e1
x-served-by
cache-wdc5554-WDC
last-modified
Tue, 28 Dec 2021 13:40:13 GMT
server
cloudinary
x-timer
S1640698812.775728,VS0,VE284
etag
"10480a06f0316ea1e23bafcbe42ae94d"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
BitbG9SGZimsbyiychuZh5PdIyX5QB8RKAYLJNbnX72xyqq-csMNZg==
x-cache-hits
0
2458705-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/2458705-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
0d262927bac5a1f5c60e322246d0dd4c6f7bbcb1235701c5f4917585fd971eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 05:10:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
8747445
edge-cache-tag
117484137628957629182761874529571566285,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
117484137628957629182761874529571566285,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5178
x-served-by
cache-lga21968-LGA
last-modified
Tue, 28 Dec 2021 13:40:29 GMT
server
cloudinary
x-timer
S1662095456.322872,VS0,VE1
etag
"90cd593e78cc2652f1bddf7e61ef0aba"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
gHf57R38954ZCAUFv70eqQE6rhSaQTcd6u0UkMViwK0SznAjC9O9bg==
x-cache-hits
1
3201692-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/0/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/0/1/3201692-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
95f1365c5c1b3e393224fa86f7fc8fe76cc76346ed2deca2401e80ce07f45cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 09:41:15 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30158425
edge-cache-tag
244624961485076426163198379033327878073,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
244624961485076426163198379033327878073,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
5683
x-request-id
84701ea954771b6a804790828ffbe8a2
x-served-by
cache-dca17726-DCA
last-modified
Tue, 28 Dec 2021 09:41:16 GMT
server
cloudinary
x-timer
S1640684475.440262,VS0,VE528
etag
"693b3935584c7d0848ac3cd1d30bd2df"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
LTFYOhMwLBHkES3X2KCvh9PtXd9mEB3JZDD8TvBPaKkhZN08_ZLh2w==
x-cache-hits
0
2790015-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/7/9/0/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/7/9/0/2790015-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
58acea94d16decf85fa312279f97cc354467abd9dd89c9d08d59d53d4675e91f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
293139560376849195979030122304746628062,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
293139560376849195979030122304746628062,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
4640
x-served-by
cache-bwi5078-BWI
last-modified
Tue, 28 Dec 2021 13:40:29 GMT
server
cloudinary
x-timer
S1640698857.715966,VS0,VE27
etag
"e35d9090567147ec3a5deb832f620276"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
uY5PcBH8lZyW9pJ5qKe06Qln10kxEitJW32eYvX1rGjo9du-ijkY8w==
x-cache-hits
0
2689955-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/6/8/9/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/6/8/9/2689955-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
c74c7d98c1d657a80c2b51929b35e3c14c599317f71e97826e9f810cdb16ada7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
428068536878141412124250729910492298062,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
cache-tag
428068536878141412124250729910492298062,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
4097
x-served-by
cache-dca17780-DCA
last-modified
Tue, 28 Dec 2021 13:40:35 GMT
server
cloudinary
x-timer
S1640698857.713541,VS0,VE27
etag
"7562704dcbcda9aea856da67ff787493"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
2MfZ6jS0J7MxRvFs3chUrpGqFYoEuFIgaMpEttBxVlWVvuypfwPLlg==
x-cache-hits
0
2569266-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/5/6/9/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/5/6/9/2569266-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
99472219ab322442d15d86814bc7549da5d4adfff39bbc9863ec1670cc09acf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
291055990541015425701711447942866706149,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
cache-tag
291055990541015425701711447942866706149,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
5011
x-request-id
94f3e25020ccaad14a9525acab826509
x-served-by
cache-bwi5078-BWI
last-modified
Tue, 28 Dec 2021 13:40:35 GMT
server
cloudinary
x-timer
S1640698857.911252,VS0,VE1
etag
"930887226653d74d7b6b785f141c3f96"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
FtpAkJ4Q-VQEXMJMii4IRJp-zg7H7wNst1w2UYffpba9aXVvjyb9eA==
x-cache-hits
1
2458708-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/2458708-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
2e0597e239a23fdde16b541722bba98f8d1e0faafec60349a43eaf2c4b341db4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
427702561446526010855477086547864208611,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
427702561446526010855477086547864208611,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4924
x-request-id
61caf37de032b00bb52df60f03f33ed8
x-served-by
cache-wdc5531-WDC
last-modified
Tue, 28 Dec 2021 13:40:36 GMT
server
cloudinary
x-timer
S1640698857.721994,VS0,VE1
etag
"e79b568d70aec680ea358ea99eefe980"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
hKM3ACFZXbUtvRPOCi15TYgSDold-SC2rworIS5nM8gOAwy5qkfKNQ==
x-cache-hits
1
2458700-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/2458700-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
567e24ce11133b13cb595ee8a50b56a2e9b4807bf707e5ebc21449c841b8e32a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
420589725738587038339324671745334257837,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
420589725738587038339324671745334257837,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
6570
x-request-id
fe6da12bc77f2debd8b13e7eb123919e
x-served-by
cache-dca17739-DCA
last-modified
Tue, 28 Dec 2021 13:40:36 GMT
server
cloudinary
x-timer
S1640698857.723016,VS0,VE1
etag
"5b51a91c7692f20c0def849df41f80a2"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ISEnffRDLMXhgG7CLQGrsd7h9lyX3oOveEX5QoyKUSYH_HS1N4g2fw==
x-cache-hits
1
3056473-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/3056473-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
3c88267943e2de1dc46e991fd72ded98c51516f3666115f72bec30ea783f6228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
189831622532334226913061204231590625603,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
cache-tag
189831622532334226913061204231590625603,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
6500
x-served-by
cache-wdc5573-WDC
last-modified
Tue, 28 Dec 2021 13:40:37 GMT
server
cloudinary
x-timer
S1640698857.722569,VS0,VE29
etag
"319bc4f1ef7b4af4dbcbe354b8d22888"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
fzsc6LqSwqXV57M2f5I2BGDf4Xbik4Y3yowMxkuY5_3AMCe7DD8bGA==
x-cache-hits
0
2458710-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/2458710-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
54e0a01ac7bf3042c83af683bedf1bded3b36a0da479ec3b21f906d1f821b4e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
111507091159993083465552948296421794573,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
111507091159993083465552948296421794573,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
4768
x-served-by
cache-wdc5569-WDC
last-modified
Tue, 28 Dec 2021 13:40:37 GMT
server
cloudinary
x-timer
S1640698857.722888,VS0,VE54
etag
"e3df4d1c6fe4ba0f6823f7daf8117581"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
q68-Jgon9ckBuE-dhzhLPQEPyJtSg3CasdfXAFNyhJkhwFT1ml0AOQ==
x-cache-hits
0
2458703-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/4/5/8/2458703-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
f052a36329a20e7a80766ddb576dca170731ac41b869aec96919cc1a390cf3d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
345200022237119608375710859694897437430,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag
345200022237119608375710859694897437430,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
4181
x-served-by
cache-bwi5038-BWI
last-modified
Tue, 28 Dec 2021 13:40:37 GMT
server
cloudinary
x-timer
S1640698857.916735,VS0,VE31
etag
"07cc553b9a5cacb49e515b15a823c5cd"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
XyTPid7VRMaCqoi_k4TQf8nNkoIvX5ht8LY7rn1xC_UZIIddz3-_Jw==
x-cache-hits
0
3056469-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/3056469-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
99f692cdac39b2c3ca4e1bdd8f1d39ad32344271cd4e177ba789433b39fa1545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
141224755671922293061345999291324385819,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
cache-tag
141224755671922293061345999291324385819,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
4798
x-served-by
cache-bwi5041-BWI
last-modified
Tue, 28 Dec 2021 13:40:38 GMT
server
cloudinary
x-timer
S1640698857.721915,VS0,VE43
etag
"3fbd849f8c63bfa13e44cf7cce55de61"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Mz208TWwrcn4wGqICfZx3QuqMS4n0f9FzOvVcczwGLyEm3XesI53zQ==
x-cache-hits
0
3195438-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/9/5/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/9/5/3195438-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
4b69b1a03bda3b27fe03e65eac8426d87d201f99a4c40450cf02e5d595934f5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:40:56 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30144045
edge-cache-tag
323456634299921046643978541856271047659,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
cache-tag
323456634299921046643978541856271047659,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5170
x-served-by
cache-wdc5539-WDC
last-modified
Tue, 28 Dec 2021 13:40:38 GMT
server
cloudinary
x-timer
S1640698857.726018,VS0,VE31
etag
"dc9d4aead0b1ac2b16f1669ba3702e3b"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
jJNU3e3uXtxLHzqeEvpqscwZgHMs1Qm6Lgw2-F2jrtRI0D5f4FR-HQ==
x-cache-hits
0
3056475-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/0/5/6/3056475-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
d3cf32c10278a33509ebb76a209c70e5305993247be26df474afc433d9b6af9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 15:41:08 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
25125633
edge-cache-tag
380157332463188646326624006063972101983,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
cache-tag
380157332463188646326624006063972101983,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5018
x-served-by
cache-wdc5566-WDC
last-modified
Tue, 28 Dec 2021 13:47:05 GMT
server
cloudinary
x-timer
S1645717268.261668,VS0,VE1
etag
"f8bf1ab53626c1657eb41a9ce7182cbe"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
JhyQARnL3Rtd43wPNCMv05NYAyuqBnCv1iDREBZQdIPNQGTeoOLZFw==
x-cache-hits
1
3396194-46.png
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/9/6/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/9/6/3396194-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
48cc1c4165b68d2b3b570db5ff8fcf8db771bc50cfa89ffa6eb6cbaaeef456f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 12:05:57 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
16239344
edge-cache-tag
272028027979151128692502138114259190695,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
cache-tag
272028027979151128692502138114259190695,389546534797666814456705066913869248028,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4261
x-request-id
733a24185cee0a42a7038e12e3f250d9
x-served-by
cache-iad-kiad7000164-IAD
last-modified
Tue, 07 Jun 2022 12:05:58 GMT
server
cloudinary
x-timer
S1654603557.295139,VS0,VE450
etag
"1da8e24227cc1824e039e3753fdbfd3b"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Suk7o_d64TLBNqO888G4sikmYM9epRipLYsBVIjcmmfod2cRBzXToA==
x-cache-hits
0
3469263-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/6/9/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/6/9/3469263-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
69c6c0f393573c4c70b7340235f0638807deec7ddf293d163fa5907f25ae9af4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 07:04:59 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
14202
edge-cache-tag
297598554513145585646926113320872163440,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
297598554513145585646926113320872163440,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
13780
x-request-id
9d6b3b6aaa9daccbe0cec2cf12563c32
x-served-by
cache-lga21934-LGA
last-modified
Mon, 12 Dec 2022 07:05:00 GMT
server
cloudinary
x-timer
S1670828696.719273,VS0,VE4056
etag
"1ebd4e1bd900224beb7c58c3b76afa7d"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
SBSK5FBwyHd5KqUC0SzI0Hxs0bc9LmSb0bx0apHHosjJSrzyCZcU8w==
x-cache-hits
0
3469270-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/6/9/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/6/9/3469270-46.jpg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
8a70c0624c31af273f95eafeb63352241d406c511e8b16237b84a99b603b4707

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 07:42:05 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
11976
edge-cache-tag
157693971306247459847614295501585623243,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
157693971306247459847614295501585623243,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
8131
x-served-by
cache-lga21967-LGA
last-modified
Mon, 12 Dec 2022 07:39:37 GMT
server
cloudinary
x-timer
S1670830926.648453,VS0,VE44
etag
"da516a3df1eb0a4c021ded9338b31e2c"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
mR1rWGFItIiWoYPGxMMaxyhHBfBJsxsDPaoTPyb16qeV6ED2hYdqKA==
x-cache-hits
0
3428893-46.png
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/2/8/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/2/8/3428893-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
511141a74343ff8870a9a44bd68a783626ef2c04d3d1b19e56d807577f128be7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 06:48:39 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
8309582
edge-cache-tag
349373675588109688605853945334572351804,264419446907812767811778384069664324750,d2bce9e04f88d43dd8350e859c701704
cache-tag
349373675588109688605853945334572351804,264419446907812767811778384069664324750,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
1268
x-request-id
cb92540eb45ef5dcf4ea31eb5976fa96
x-served-by
cache-iad-kjyo7100125-IAD
last-modified
Wed, 07 Sep 2022 06:48:40 GMT
server
cloudinary
x-timer
S1662533319.668370,VS0,VE334
etag
"b092f4dbb76bfcfac43023b9e9a134f0"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
7tH61dqD0QRbacY2iAMm5PqlxDMM0X-0ozdl0_5ARX-21FtATfbTvg==
x-cache-hits
0
3428887-46.png
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/2/8/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/2/8/3428887-46.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
0aaf952ded797106ab7debb341207bcb7f19bb00df865033496bc6f63dddf544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 06:48:25 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
8309596
edge-cache-tag
234259310346546742301761073206931054973,264419446907812767811778384069664324750,d2bce9e04f88d43dd8350e859c701704
cache-tag
234259310346546742301761073206931054973,264419446907812767811778384069664324750,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
1689
x-request-id
a4d6c0489975fcb83c0953ea16350ccd
x-served-by
cache-lga21925-LGA
last-modified
Wed, 07 Sep 2022 06:48:26 GMT
server
cloudinary
x-timer
S1662533305.478491,VS0,VE461
etag
"f368d9255c3b409dca597a9ff0722bc3"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
XYJkbi0kFjHAHfxwlMhcaEvEmd6YoWyuVTs9kUh4JYwHOWZ7BwDe4A==
x-cache-hits
0
3208941-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/0/8/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/0/8/3208941-46.jpeg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
e8467cb161f6e8c280105909388507391e1e82fe7c7a7db1d1087b0e5f732451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 08:46:45 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
30248096
edge-cache-tag
419690950497956840307770181266891081760,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
cache-tag
419690950497956840307770181266891081760,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
3946
x-request-id
0ac10a80dbcddeafdb5a9ebce25dcb90
x-served-by
cache-wdc5565-WDC
last-modified
Mon, 27 Dec 2021 08:46:46 GMT
server
cloudinary
x-timer
S1640594805.050626,VS0,VE554
etag
"410b10e82fc9339e1494b3ebf506ab4f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
QrQ5ppR4NhmhxT2-inr5-uFig4vm-WqgaY_FouzH2SOm7hB9KRhuiA==
x-cache-hits
0
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:41 GMT
Content-Encoding
gzip
Age
1033
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29221
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (frb/6724)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1670842900206&cv=9&fst=1670842800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fsports.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&fmt=3&is_vtc=1&random=589644236&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1670842900206&cv=9&fst=1670842800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fsports.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C&fmt=3&is_vtc=1&random=589644236&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3455015-46.mp4
images.wcdn.co.il/q_auto,w_300,t_54/3/4/5/5/ 		305 KB
307 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.wcdn.co.il/q_auto,w_300,t_54/3/4/5/5/3455015-46.mp4
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
cloudinary /
Resource Hash
cfd0a6143d48e4eb381f4b8b8a20fd9d0b56666ae4cf18f2f7bc6e957f57951a

Request headers

Referer
https://sports.walla.co.il/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 14 Nov 2022 13:45:02 GMT
via
1.1 varnish, 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
2409399
edge-cache-tag
152101116629802270640931231658896934528,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
cache-tag
152101116629802270640931231658896934528,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
status
206 Partial Content
x-cache
Hit from cloudfront
Content-Range
bytes 0-312775/312776
Content-Length
312776
x-request-id
1896e99edd53808a1614bbe590f0880d
x-ua-compatible
IE=Edge,chrome=1
x-served-by
cache-iad-kjyo7100022-IAD
last-modified
Mon, 14 Nov 2022 13:45:03 GMT
server
cloudinary
x-timer
S1668433497.551933,VS0,VE5588
etag
"bacc165ce703f849207211dd973329ce"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
c45pSlOa3n9LUvwOQhjDbOE1ldqWfHdv6hIeuNxpE4vlf98CUIGsNA==
x-cache-hits
0
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=0&rand=42088&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=40&vpd=0&pubInState=1&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
747160ad9a1497e19acc5c5e63ea35747daff123caf9a402e7e5211971d04d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842901.301052,VS0,VE102
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21922-LGA, cache-fra-eddf8230043-FRA
x-traceid
83f4abd6f9797b4367f41a24cd4b933e
accept-ranges
bytes
content-length
1123
expires
Thu, 01 Jan 1970 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1450686
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7785f6a58d24922c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
sports.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-8.bom78.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
via
1.1 6e65028b4e532eed42927d1fb54e1d6e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 10:42:35 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
BOM78-P1
etag
W/"558e-18505ede578"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
SIEEsTLzEp42FsfFsLDSQU3C_MgVgB0o87-kSxzc0lFITWKP6m9gbw==
unip
trc-events.taboola.com/1245572/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=1711&scd=21&ssd=1&est=1670842899784&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670842901495&vi=1670842899781&ri=15499e273d289dc852b1f0af102ee293&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
https://sports.walla.co.il
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221212
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05934d7b0fef3ada823d64f6825db606b9f186585e766053ebb43060cbc0d09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25242
x-jsd-version
1.0.1553
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4550-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66f-5yaGYK+Z8yEYy+jhnewVDvDOi/o"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2b2r9cbLZjDhlEtEvqjd4TdOu7r2%2FAtzILAlnGuBCtarl6fO4I3yH%2BvafUxc%2BOkjIYPFJpAPi0v57Zu1%2FPFn0v3OC8ll5VCe7tP64UPGdtQmUsoV0mq9Yr1EEcwQNZZ%2FOeWuOj6ZxIjakUyviI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7785f6a6cf389a30-FRA
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:41 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1621830
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylOPvalutrqNboqp%2FMOgBX63sFQOmDCpLv6%2FKMQGyh0HGVElYpD7gX6vhX4g1SRTwZ%2Fean4%2FBFDa1d7%2BJmzsXAwUO4IHJLq%2Bz0HlzQr8%2FwFawM8n3VbDhUbBeWqDpIto64vXmhaQGfRfR%2Fwf"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7785f6a6cc9f5b80-FRA
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
ea430238f178b636c928a445f7d938195817041c902c78aa83681dfa0a10c429

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		2 KB
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fsports.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fsports.walla.co.il%2F&PublisherDomain=walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
348026bb302dc71497ff7bc633a1b5850a4518acadde3325830033c3f4aeba24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
362
content-length
450
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		582 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fb29dda4cdc54100b8e81a30683411bbc564ee1a8e12213395ad91f2775dfcf8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Dec 2022 11:01:41 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f046f2f1-5a42-463a-94e2-b7ad7bbe2a59
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sports.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
23b2942809e8843ff9d64ac1daa2073692be9c958ffec80293bebbaa72e00457

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Dec 2022 11:01:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://sports.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
a3d5bccf0d7e3c9c4c4b141e120e9d5ee450d2425c6fc0c64f7e33218434a180

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.walla.co.il
Date
Mon, 12 Dec 2022 11:01:41 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=91596519768
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fsports.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.209.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-209-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Mon, 12 Dec 2022 11:01:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ 		432 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.page=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.domain=sports.walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=2f69d05a-ae63-4821-988b-4f4b5bcd2257&l_pb_bid_id=9141e771da3b04a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&slots=1&rand=0.8579362359128329
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6ccda4d02b16a44a30bc30f7cacf41703b8a415a4dc1ddc66918641c3a5079ce

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
432
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		435 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.page=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.domain=sports.walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=9f552135-6fb5-40c9-96c0-6133ed1ff164&l_pb_bid_id=92041e59ef7c2d1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&slots=1&rand=0.8995331337697579
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
36eb80709a33e27046b5c393858970917eaa0563bbcfbb2cbc3a06e428a2b862

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
435
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		437 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&alt_size_ids=10&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.page=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.domain=sports.walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=36672622-0348-4a1e-8056-3d10b7dfc71e&l_pb_bid_id=93cbb1a71c915ba&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&slots=1&rand=0.9209548040050155
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
041e4e82e96fd8f261f616dab5168f90097b9a265a622150c96544d252e32174

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
437
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		440 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&alt_size_ids=10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.page=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.domain=sports.walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=606f5f22-066f-4746-8ce0-2d1d4a1bb2e0&l_pb_bid_id=9442f7531ab1941&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&slots=1&rand=0.24848105855936775
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
df07a5a9008d3c3efdc200644ff56418e145ca0c2d463b210cb5eb8a49b497f5

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
440
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		427 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.page=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.domain=sports.walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fyad2_inner_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=2aaaad44-48d3-4bd0-b0e8-6239e11ea67a&l_pb_bid_id=95b6b3507febc19&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fyad2_inner_rectangle_desktop&slots=1&rand=0.5072557132301458
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b3bc14b41d1756b0e894eb1e5a221d3e49ca7ec836c15d9d947261ecf01d055e

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
427
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22967cb02311e8b4f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22domain%22%3A%22sports.walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A13%2C%22msi%22%3A13%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22978f41348a8445f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A180%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22970x180%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A350%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22970x350%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Ftop_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Ftop_desktop%22%7D%7D%2C%7B%22id%22%3A%22100f55eb44c645a2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%22102517690d5332e7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop%22%7D%7D%2C%7B%22id%22%3A%2210451fd261bff13d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop%22%7D%7D%2C%7B%22id%22%3A%22106abfa7cf0c9797%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Fyad2_inner_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Fyad2_inner_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d89b2f0550c1ac921e821fe25897ecb2032251dfb6a39139a6fa8e57a77a640

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JysRIcrMX9SSDzgSDhyCytEnVbWwnQanUV1%2Fb3aeRfLFDzv15Ojsbm5GHvUQI8WZxsDQgbClJc%2FRJeeJMd7eF1PPj5dG3o7Jr%2FNE9zutdg%2Bhv0dgtaLEv2sVQ2iGArjL2CaLg13y"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7785f6a73ebe6939-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:41 GMT
AN-X-Request-Uuid
b8e01796-c88e-49dd-aac1-a4ded71932b7
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7785f6a71f5d922c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7785f6a71f60922c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7785f6a71f61922c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7785f6a71f62922c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7785f6a71f63922c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
mp.4dex.io/ 		114 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0efeda61220209770aa3a3b7b1f8b1743dc34c4fba91e6f157e2c105c15a85fb

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 12 Dec 2022 11:01:41 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: adSlot-0, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: adSlot-7
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7785f6a759fb9b88-FRA
expires
0
arj
u.openx.net/w/1.0/ 		73 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsports.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2f69d05a-ae63-4821-988b-4f4b5bcd2257%2C9f552135-6fb5-40c9-96c0-6133ed1ff164%2C36672622-0348-4a1e-8056-3d10b7dfc71e%2C606f5f22-066f-4746-8ce0-2d1d4a1bb2e0%2C2aaaad44-48d3-4bd0-b0e8-6239e11ea67a&nocache=1670842901608&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x180%2C970x250%2C970x350%7C120x600%2C160x600%7C300x250%2C300x600%7C300x250%2C300x600%2C300x1050%7C300x250&divids=adSlot-0%2CadSlot-1%2CadSlot-6%2CadSlot-7%2CadSlot-20&aucs=43010785%252Fwallanews%252Finnerpages%252Ftop_desktop%2C43010785%252Fwallanews%252Finnerpages%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Finnerpages%252Frectangle1_desktop%2C43010785%252Fwallanews%252Finnerpages%252Frectangle1_desktop%2C43010785%252Fwallanews%252Finnerpages%252Fyad2_inner_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782%2C544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f78f8df89252cfae14bfc370fb13ca6a6fd0fcb431f226cc6c5efdda28e8f76f

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://sports.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sports.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sports.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		95 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1041663728480577&correlator=273935534570517&eid=31070873%2C31071093&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Cnickbar_desktop%2Cprestitial_desktop%2Cvideo_slider_desktop%2Clogo_strip_result%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=970x40%7C970x50%7C970x80%2C1x1%2C1x1%2C300x95%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&adks=578455068%2C3148174723%2C2933179666%2C2166357542%2C955607527%2C1550663174%2C3407257045%2C2820594065%2C2093082828%2C1128514496%2C238374449%2C3567052722%2C199825890%2C3619221825%2C3200492287%2C2429947436&didk=1193245113~1193245112~1193245115~1193245114~1193245119~1193245118~2997460807~2997460804~2997460805~2997460802~2997460803~2997460800~2997460801~2997460814~2997460815~2997460812&sfv=1-0-40&ists=20479&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Dvideo_slider_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Dlogo_strip_result%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1670842901647&lmt=1670842901&dlt=1670842898859&idt=433&adxs=315%2C-12245933%2C800%2C315%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C-12245933%2C116%2C1084%2C5630%2C5630%2C5630%2C5630%2C5630%2C5630%2C5630%2C5630%2C5630%2C5630%2C5630%2C5630&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsports.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C1600x0%7C300x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=970x-1%7C0x-1%7C0x0%7C300x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C640%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C0%2C1600%2C300%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=361128423.1670842900&ga_sid=1670842902&ga_hid=319267692&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4635e259c09addf6f950ec8a0aa443729e4d3af07bdb9db42ef410c45b6f7373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23993
x-xss-protection
0
google-lineitem-id
-1,-2,-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F47C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:41 GMT
expires
Tue, 12 Dec 2023 11:01:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=fd82bbef3c55d2f83a7aec1eefc9cbad_1769_1670842901356&tm=1652&eT=6&wRV=2000982&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:42 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
33b5edced88319098de0482df68a3673
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=1&rand=49963&key=NANOWDGT01&widgetJSId=SF_6&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=1810&vpd=610&pubInState=1&cw=635&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b0779a76bbc4d6d2543290f038abd4ca7d1880636cdac2010a87a6c4c1c734a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842902.735424,VS0,VE215
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21940-LGA, cache-fra-eddf8230043-FRA
x-traceid
72215f217463d44dd7e2527d76ecb46b
accept-ranges
bytes
content-length
7088
expires
Thu, 01 Jan 1970 00:00:00 GMT
events
khn.crowdad.io/ 		0
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.214.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-214-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Mon, 12 Dec 2022 11:01:41 GMT
access-control-allow-credentials
true
content-length
0
events
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.214.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-214-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://sports.walla.co.il
content-length
0
date
Mon, 12 Dec 2022 11:01:41 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 5738 		0
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6a838f3922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:41 GMT
server
cloudflare
vary
Accept-Encoding
716c6e65df0474cf191366483e402d
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 905C
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/716c6e65df0474cf191366483e402d?gdpr_consent=&gdpr=0
0
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/716c6e65df0474cf191366483e402d?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6a94a8d922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 12 Dec 2022 11:01:41 GMT
Expires
Mon, 12 Dec 2022 11:01:41 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/716c6e65df0474cf191366483e402d?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1670842901853087-564
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:41 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JBHXNWB1HP6E11K2
Age
1732365
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
cH9pMhEgRz4jWRl8VzQMwwLWaANeydXo8M5UtZvjwIPtqU5oyef9GNsT8PZ8jQP4Z9A2xLgBW+w=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnACr1j8VWlH8psf0D1xUcuuCUKDihV7lImmL4XaiGXoUd4Mvtb2pQfAF1z2%2BkWYkqkEgm2tbMXGKlXT1%2FpzJYeh0nzFBwTKGC6n0HnkgElwmBqsQ0rB%2BPOB8fNuHqZZGAmaN1DmXoJBz9eL"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
7785f6a859ad694c-FRA
v1
match.sharethrough.com/universal/ Frame 702B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.254.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-254-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
4MHUIg6TAPpipoiynd6X
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame BA0D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted&tc=1
0
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6a92a72922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 12 Dec 2022 11:01:41 GMT Mon, 12 Dec 2022 11:01:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 5CE7
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
47ea645b-9684-42dd-b317-c5076295755d
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Dec 2022 11:01:41 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6a90a2e922c-FRA
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:41 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 4166 		1 KB
825 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7785f6a9dd338fd4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:42 GMT
server
cloudflare
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Wed, 11 Jan 2023 11:01:42 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=ada86a6bad9517cc88495fc65fb029da_1769_1670842901900&tm=1915&eT=0&widgetWidth=635&widgetHeight=105&widgetX=650&widgetY=1770&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=256&oo=true&lo=2152&odbreq=3911&odbres=4166&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:42 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
10a0546c4f559289af362b6c3042c7fb
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=2&rand=53871&key=NANOWDGT01&widgetJSId=SF_10&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=2399&vpd=1199&pubInState=1&cw=325&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e56ff11bbed58f7f055642c8d24a92ffd81c7e47533bcb148a13e925feece2ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842902.997540,VS0,VE216
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21946-LGA, cache-fra-eddf8230043-FRA
x-traceid
2c3bef57d86f93729a3288ba01598505
accept-ranges
bytes
content-length
6396
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 12 Dec 2022 11:01:42 GMT
server
Google Frontend
x-cloud-trace-context
79cadd7f9803b42aad90b3703e3a5c71
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
x-request-id
fdf9dfa2-6896-4487-af25-19766a63cd13
x-vad-version
0.9.13

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
x-cloud-trace-context
f69bb7ee2b0d90ab8972a9fdf2532e3b
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sports.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sports.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		369 KB
70 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1041663728480577&correlator=646769924495271&eid=31070873%2C31071093&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Ctop_desktop%2Cskyscraper_desktop%2Crectangle1_desktop%2Cyad2_inner_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%2C120x600%7C160x600%2C320x50%7C300x250%7C300x600%2C320x50%7C300x250%7C300x600%7C300x1050%2C320x50%7C300x400&fluid=0%2C0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2574293897%2C2790448677%2C3227896421%2C2040804365%2C30064623&didk=1193244743~1193244742~1193245117~1193245116~2997382151&sfv=1-0-40&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D13234132db53696b%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle1_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D133d9893924e45bb%7Cslot_name%3Drectangle1_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D134598e79682836%7Cslot_name%3Dyad2_inner_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D3%26vertical_name%3Dsports%26mobile%3D0%26vertical_eng_name%3Dsports%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fsports.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D13571e46fe3c6df7&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1670842902037&lmt=1670842902&dlt=1670842898859&idt=433&adxs=805%2C1480%2C315%2C315%2C315&adys=101%2C185%2C1306%2C1861%2C2951&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C14%7C15%7C16&ucis=h%7Ci%7Cj%7Ck%7Cl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsports.walla.co.il%2F&frm=20&vis=1&psz=970x0%7C0x-1%7C300x0%7C300x0%7C300x0&msz=480x0%7C120x-1%7C300x0%7C300x0%7C300x0&fws=132%2C644%2C132%2C132%2C132&ohw=970%2C0%2C300%2C300%2C300&ga_vid=361128423.1670842900&ga_sid=1670842902&ga_hid=319267692&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
212f327a5d406e5d9a03a04f3e597a2d97144b8d2da0a441c8573c0cccc1c5ce
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIWEo-328_sCFYKKgwcdS6UIEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/1994317184232231449/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIaEo-328_sCFYKKgwcdS6UIEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13427559203645464275/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIOEo-328_sCFYKKgwcdS6UIEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14674112099215987585/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIWEo-328_sCFYKKgwcdS6UIEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/1994317184232231449/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIaEo-328_sCFYKKgwcdS6UIEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13427559203645464275/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIOEo-328_sCFYKKgwcdS6UIEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14674112099215987585/index.html
date
Mon, 12 Dec 2022 11:01:42 GMT
x-content-type-options
nosniff
content-encoding
br
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71517
x-xss-protection
0
google-lineitem-id
-1,-2,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
eyJpdSI6ImNhYmJmZmFkYjk3YmEzNWI2MWU2MjlhNzk0MzE3MTYwYjBmMGVhYmRhY2Q0ODE3MjMyNTYyZDI2YTllN2FiMTIiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhYmJmZmFkYjk3YmEzNWI2MWU2MjlhNzk0MzE3MTYwYjBmMGVhYmRhY2Q0ODE3MjMyNTYyZDI2YTllN2FiMTIiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.193.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-193-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c3c631164134a8904fd7d088c7bc08d983f7f26f68552c2c01c1af20e6e6e0c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
last-modified
Wed, 07 Dec 2022 10:27:31 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2028552
access-control-allow-credentials
false
x-traceid
5ce6696eecc4e27edacb0d20f076782f
timing-allow-origin
*, *
content-length
57572
getuid
sync.smartadserver.com/ Frame 2119
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 12 Dec 2022 11:01:42 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 12 Dec 2022 11:01:41 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
fc8d9096-0f56-4abb-a2ff-69394e9c0439&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 642A
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/fc8d9096-0f56-4abb-a2ff-69394e9c0439&partner_id=1010
0
652 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/fc8d9096-0f56-4abb-a2ff-69394e9c0439&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6acd865922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 12 Dec 2022 11:01:42 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/fc8d9096-0f56-4abb-a2ff-69394e9c0439&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame D46C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
704c1e4d3fcc922a3031d436b584678b
1
sync-eu.connectad.io/syncer/ Frame E405 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7785f6aa8e9e8fd4-FRA
date
Mon, 12 Dec 2022 11:01:42 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 34E7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90163
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:42 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Dec 2022 12:04:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Y5cKFjx6FoJlUD-FCRKzuwAA%261199
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 1596
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
0
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6ad18b5922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7785f6acdaf19143-FRA
content-length
0
date
Mon, 12 Dec 2022 11:01:42 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLdjlf1qFd2ZIkCuh3SWuq2rBGJa%2B46ryZAOjTLTe3zQHKoWjfgkdktwvk1KPR6gI4skrmHkRHUX%2FRBerS3Bsg2UPnoiEtpMxzEmSS1LgNlGrerpnJFAg1%2F5epXjtYs8SXY%2FAsFX6i8XVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=ab6d7e6ab5b3557e84b8a637ad92bb0c_1769_1670842902159&tm=2151&eT=0&widgetWidth=325&widgetHeight=57&widgetX=650&widgetY=2359&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=230&oo=true&lo=2152&odbreq=4172&odbres=4402&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:42 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
ef52ccee86d587d7bc2e65c1a5deaa9a
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=3&rand=99789&key=NANOWDGT01&widgetJSId=SF_10&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=2780&vpd=1580&pubInState=1&cw=325&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c97652415dbbf34c809964d57a9739a66f9fd7c3511f851c5c8a56c225f8640

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842902.229707,VS0,VE193
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13624-LGA, cache-fra-eddf8230043-FRA
x-traceid
b8c11e91c559209065c540894010a169
accept-ranges
bytes
content-length
6345
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C8D6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:41 GMT
expires
Tue, 12 Dec 2023 11:01:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032211111611000/ Frame 33C4 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f55c14576b73b1fa761c9722153509875403c18b3a6916045fd146f3e3a6a00
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Dec 2022 00:19:59 GMT
age
470503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61627
x-xss-protection
0
server
sffe
etag
"0be482f0352f4793"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Dec 2023 00:19:59 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 33C4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Dec 2022 00:19:59 GMT
age
470503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5201
x-xss-protection
0
server
sffe
etag
"0e2d67a193799b94"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Dec 2023 00:19:59 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 33C4 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 05 Dec 2022 23:12:16 GMT
age
560966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28866
x-xss-protection
0
server
sffe
etag
"61003bcde0ed5887"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Dec 2023 23:12:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 33C4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Dec 2022 00:19:59 GMT
age
470503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1906
x-xss-protection
0
server
sffe
etag
"d44263764bdab45e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Dec 2023 00:19:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 33C4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 09 Dec 2022 20:01:38 GMT
age
226804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12947
x-xss-protection
0
server
sffe
etag
"9cd92599851d18a1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Dec 2023 20:01:38 GMT
css
fonts.googleapis.com/ Frame 33C4 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 10:48:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Dec 2022 11:01:42 GMT
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 33C4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:41:50 GMT
x-content-type-options
nosniff
server
cafe
age
47992
etag
415739381108731362
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2712
x-xss-protection
0
expires
Mon, 12 Dec 2022 21:41:50 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 33C4 		344 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 10:22:22 GMT
x-content-type-options
nosniff
server
cafe
age
2360
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 13 Dec 2022 10:22:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 33C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEeACFQqXY6DGMpqRjuwPiYiokAL55OrFba6_xbemDabgz820EBABINGTwypgleKQgqAHoAGwuqHXA8gBBqkC8RmeSZensT7gAgCoAwHIAwqqBOEBT9AeLEGkhu2WOJtmDw_RGAnzAaBIeOkD8A6juTZTG07ZQV9klQOjhyagmTWXhy8j1waMLY1PCH6TTY3j6OJdWrEPbQ118UZLiDMdB6ASt_a4Mx3omP6juhlKT2JNmrWXxbJpY4faLXAoolhqmu68qzicYKdYdjy8sKUWyT0KsS3eCgBTy-lF8vEKQ9_oxWzgFiTuZ4kaXy5cA0EnNqz83IlkuCUbMH04WnkbrS-WUfyDIfcdZpwc94Cz4Uttav5CMfRMmbJuP75-YID6xy8jJTPRvgezQ1DdPF5LkNgpTUN7wATxqf3kogPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDt2QTSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=Mcce4NTdrE0&uach_m=[UACH]&cid=CAQSOwDq26N9ULHs66_yAlcgyMqloV8f-nhDCvagv_CMjTvc2DJ5x5hUE8ERdMzIq4cpx0otfpvVHbRETF7UGAEgEw&template_id=493
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
9507606201371492950
tpc.googlesyndication.com/simgad/ Frame 33C4
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCb7dTqXxCwCRisAjIISoN6P0GycxM
  • https://tpc.googlesyndication.com/simgad/9507606201371492950
37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9507606201371492950
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ee8ced4aa208edb5900fa92393d38bf5f02086863574f64cce2d0b2eb96b0f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 06:44:49 GMT
x-content-type-options
nosniff
age
274613
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37736
x-xss-protection
0
last-modified
Wed, 08 Aug 2018 08:13:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 06:44:49 GMT

Redirect headers

date
Mon, 12 Dec 2022 06:46:28 GMT
x-content-type-options
nosniff
server
cafe
age
15314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/9507606201371492950
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 11 Jan 2023 06:46:28 GMT
11530517637861798011_9186565913604646649.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 33C4 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/179058610/11530517637861798011_9186565913604646649.jpeg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68eaf8ac60d0942a6bcee0b4538d7d50ebe41bd26e332550d05d8b9d37fa16e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:01:11 GMT
x-content-type-options
nosniff
age
7231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91035
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 08:39:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 09:01:11 GMT
truncated
/ Frame 33C4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237f87dcb8804575bf2e87a17ec516e8dc85f351325f8c08ad396fb51c4d2eb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame 34E7 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59528303&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
37b3bd0e86ee71fb44e3d529973ee91bbbb0514e1bb02aeafb25c3b01959b9f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=980ec6f34566b1f5cc31e00a03a5eced_1769_1670842902372&tm=2413&eT=0&widgetWidth=325&widgetHeight=57&widgetX=650&widgetY=2742&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=257&oo=true&lo=2152&odbreq=4408&odbres=4665&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:42 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
466cdab99863af8e9bd11fba59a1a3ff
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=4&rand=92414&key=NANOWDGT01&widgetJSId=SF_10&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=3191&vpd=1991&pubInState=1&cw=325&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3db78c8b09f269ad11ad4f1ee124c77d125a76c660df7156fd50f641322fc3fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842902.498267,VS0,VE204
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21973-LGA, cache-fra-eddf8230043-FRA
x-traceid
3cba62fbca880fb55e65ab38d3c3126a
accept-ranges
bytes
content-length
6400
expires
Thu, 01 Jan 1970 00:00:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 33C4 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 22:12:48 GMT
x-content-type-options
nosniff
age
478134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 22:12:48 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 33C4 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sports.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 17:36:16 GMT
x-content-type-options
nosniff
age
581126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 17:36:16 GMT
match
c1.adform.net/serving/cookie/ Frame 78F0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 12 Dec 2022 11:01:42 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 12 Dec 2022 11:01:42 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 386B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:39ab6397-0a17-4f00-915b-4af970bb99c0&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:39ab6397-0a17-4f00-915b-4af970bb99c0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 12 Dec 2022 11:01:43 GMT
Expires
Mon, 12 Dec 2022 11:01:42 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master hkg-pixel-x18 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:39ab6397-0a17-4f00-915b-4af970bb99c0&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame C0BD
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=692755142150893309
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=692755142150893309
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=692755142150893309
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 8DE1 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:41 GMT
expires
Mon, 12 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
657820
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8EA2
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Dec 2022 11:01:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YAKY6VF1A1EZA1ZM368J

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 12 Dec 2022 11:01:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9TNWWA1NR43WMH12XMQ5
Pug
simage2.pubmatic.com/AdServer/ Frame 0711
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8565284698728386972&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8565284698728386972&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
974788ad-2677-421e-a9d8-816bb1ad183e
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Dec 2022 11:01:42 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8565284698728386972&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
DD93BD3F-D315-4E92-ADC1-8C014848E39B
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame ABB1 		0
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/DD93BD3F-D315-4E92-ADC1-8C014848E39B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6ad490c922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:42 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 34E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ZO9P9MVTpKtwYwBSEjjmw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90163
accept-ranges
bytes
content-length
5549
expires
Tue, 13 Dec 2022 12:04:25 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 34E7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=19316397-0a17-4f00-993b-41dbe53bddbe
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=19316397-0a17-4f00-993b-41dbe53bddbe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 12 Dec 2022 11:01:43 GMT
Server
MT3 180 1fd3e2d master hkg-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=19316397-0a17-4f00-993b-41dbe53bddbe
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Dec 2022 11:01:42 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9c48ea886db35fc6/gdpr=0/ Frame 34E7
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9c48ea886db35fc6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9c48ea886db35fc6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
52.49.181.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.171
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9c48ea886db35fc6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 34E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REQ5M0JEM0YtRDMxNS00RTkyLUFEQzEtOEMwMTQ4NDhFMzlC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 34E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENYg1v1ahn8imhaRLeCjXT8&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENYg1v1ahn8imhaRLeCjXT8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENYg1v1ahn8imhaRLeCjXT8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 34E7 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 11 Dec 2022 11:01:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 34E7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=855927984755454507
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=855927984755454507
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=855927984755454507
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 34E7 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
adview
securepubads.g.doubleclick.net/pagead/ Frame C8D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CELsdFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT3AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp0naki2XePqCLtc9aGv48DbQJte_4Us7RNurx1776oLqO8hxT74krgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=__0RtDv87jM&uach_m=[UACH]&cid=CAQSOwDq26N9ULHs66_yAlcgyMqloV8f-nhDCvagv_CMjTvc2DJ5x5hUE8ERdMzIq4cpx0otfpvVHbRETF7UGAEgEw
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame C8D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5RMoHUJ2DYgICAAAA-ErnBP03rxhTB8acYyH7KhAVCpdjprC5NQoXnvwYRrMAEgAA&wp=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
226003
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9AB5 		141 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
33013fb4e4a574b1687db9d92abdeed2d256f93219a8111ba95c624a8b8fd969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lJXN77VHwD-DmwKR28V955OYQqRerEYVTUx-2lFpH6YSPgkN9AL_0WCXw19SFzBhpp-zC8D6xOU2KAJ4tHKWCXS_609YksiiktcnSNr9flck02vl4fb4VYVxpXZMgBVjVeW5vBCAgOCTULtbljwOCXsmPihgDITjE4oylvvRg4nXB14dX_BoQ0uNv2eMIcAofc_L0KrX8llJzNoHDNIQAuvY5JTJm5fa6TlibK_2Jk_kc7C7xAiakveJWSubmU4HfepLoQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
77526846
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame C8D6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
10562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 08:05:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C281 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 09:30:19 GMT
etag
48472445140208031
expires
Tue, 13 Dec 2022 09:30:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame C8D6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
82273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:10:29 GMT
l
www.google.com/ads/measurement/ Frame C8D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRH8-YS5b4QPP1bsShzAmLOua39mVbCTHSvANdIj98M8rfewVRD3TxhtGlax64yenmY_Wt2oISMtSh_wJpCGb68s9WJmg
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C8D6 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 22:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
392285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Dec 2023 22:03:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8D6 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 11:01:42 GMT
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=53421466691
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221388a742a4ec7d52%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22domain%22%3A%22sports.walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsports.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22139b0fee8018da1e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44cf5a27e08a45e1526ada5fe89c637f8710fe894ec102322dc6ea1496bb8f8a

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaANeAV9xWq0TIEkNK7NdZoO9705RV31T32KBVLaW6WifYHnqb0SNqfo%2B%2BHCvVoS7qfOKWAy%2F8H70KduTI5qPUdnTkth0dXk1bApZE6e8FwYxp96kVrDu2HkQz3%2Boz2K17X6ROhJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7785f6aeedf4900a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		360 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fsports.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fsports.walla.co.il%2F&PublisherDomain=walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
de890b4ed54da567575ba54f2d74173e57a94b423366d6d3aeca40aba3eda754
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
386
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
360
expires
0
prebid
ib.adnxs.com/ut/v3/ 		140 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
923d9714bac8f73854a4247759374bcac72e304b35cefdbba357602ac774af74
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:42 GMT
AN-X-Request-Uuid
e1abb8e6-594e-4448-804a-341dc4fc56e2
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		0
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://sports.walla.co.il
Access-Control-Allow-Credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
2de51b64e3d7c45349292fb6a12df0dc685d2def04ba1726050cb7ce8b053e59

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
mp.4dex.io/ 		114 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0014fceddd797812cd866ba4d3a0d251e56a38cb73f24e11ae2ac24a7e3c5f

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7785f6aed9d89b88-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.walla.co.il
date
Mon, 12 Dec 2022 11:01:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		94 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
94a6bef4b9f53a757b5db63b304dfce94acb5b5b780c0ad6dffb8d62d845c8e4

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Dec 2022 11:01:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://sports.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
arj
u.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsports.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4a9f558a-7c43-495e-9ab3-47307caf7b80&nocache=1670842902855&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600&divids=adSlot-1&aucs=43010785%252Fwallanews%252Finnerpages%252Fskyscraper_desktop&auid=544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1565780c34be43f45db815e18760e94fb83b3825cb98de433dc918474c86bf5c

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://sports.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
/
prebid.smilewanted.com/ 		0
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7785f6aeeb62922c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
auction
tlx.3lift.com/header/ 		19 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fsports.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.209.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-209-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bee2fccfc52d75c4fd26c3c5d31cca611a5205fa28746a69866c59b7b35b3979
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:42 GMT
AN-X-Request-Uuid
bab473b7-2a21-428d-a76e-b8a054393876
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		435 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.page=https%3A%2F%2Fsports.walla.co.il%2F&tg_i.domain=sports.walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=4a9f558a-7c43-495e-9ab3-47307caf7b80&l_pb_bid_id=1725d46595613fc3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&slots=1&rand=0.685942027417151
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
92f0b290d93a3c3fb3532edd969c75a853c5e73a86f63aec47d86af7ee40cceb

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
435
expires
Wed, 17 Sep 1975 21:32:10 GMT
container.html
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 961B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:41 GMT
expires
Tue, 12 Dec 2023 11:01:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C0C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:41 GMT
expires
Tue, 12 Dec 2023 11:01:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C8E0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:41 GMT
expires
Tue, 12 Dec 2023 11:01:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F0BF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:41 GMT
expires
Tue, 12 Dec 2023 11:01:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=65477fbffa6b849f8508ef0c236fdb1a_1769_1670842902652&tm=2856&eT=0&widgetWidth=325&widgetHeight=57&widgetX=650&widgetY=3403&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=432&oo=true&lo=2152&odbreq=4676&odbres=5108&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:42 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
d56f7bdd6e36f8a950d9dc4481805dbc
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=5&rand=7607&key=NANOWDGT01&widgetJSId=SF_10&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=3824&vpd=2624&pubInState=1&cw=325&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1bf5349baadd4d8e5b4432451f30817ad31b945f2d6da82e8baf8c9276af3b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842903.947025,VS0,VE202
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21948-LGA, cache-fra-eddf8230043-FRA
x-traceid
458017745cc304afd0bad96ee2c0382a
accept-ranges
bytes
content-length
6344
expires
Thu, 01 Jan 1970 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9AB5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9AB5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9AB5 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 07 Dec 2023 11:01:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9AB5 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 07 Dec 2023 11:01:43 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 9AB5 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qLfAfKr2uIoBvFqd9vWAj5whaTo4qYMPPQbOzcwT6aNhRW5uuuyodYhKxVl0YcdU_JiOb08qmrGUbIvz0qCATXLtfXvZL-Ui_5bLUDrqAaGDwE76yHqzJDOTCib_TCEHE-XllzZSP9rHADLlHH6nhjdF2dtU5oWmgAYq5qoFDdrlC8b0sO_DYjMZY3DremWv5dZzny-64YEX8YaZtjdnw_louk6jTnrRSSEFTzbDJqyaPLqXUBsHK15FUaYoignDnIlW8nDqE6A6knbEf4CvDW1DnWldscxVsyhBfEMnFbmjtQ1XdoRdnTVDXRQXd1e31rKmtWyO9d0Okn27Q-vVgY3q2dDvn3qGcehAkhtF79XR6q0HnmFjFH7Sd3qIepUGOIZxbmPVKjcmBxiuCnplSVByycKVJAECcBV756M0LnXl76Ni
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2684270
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 9AB5 		44 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1670842902
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
bZ_cBNCSBxCy82ynAVP77sACGIhFxs9ieSVa71_6MTRUBoByJo0xgQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C281
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKpry6chIC_Fv7g7xTDvVwM&google_cver=1&google_push=ASkJ3FZjga2mcT16ZBpZag9WI7oE058JYBBADTCogQUQQZOibdjtq1goOZ4G0FeDQxqvN2WPaJ1XICoCes1aUo8j...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZjga2mcT16ZBpZag9WI7oE058JYBBADTCogQUQQZOibdjtq1goOZ4G0FeDQxqvN2WPaJ1XICoCes1aUo8jacCx7l7IrRY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZjga2mcT16ZBpZag9WI7oE058JYBBADTCogQUQQZOibdjtq1goOZ4G0FeDQxqvN2WPaJ1XICoCes1aUo8jacCx7l7IrRY
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Dec 2022 11:01:43 GMT
Server
MT3 180 1fd3e2d master hkg-pixel-x6 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZjga2mcT16ZBpZag9WI7oE058JYBBADTCogQUQQZOibdjtq1goOZ4G0FeDQxqvN2WPaJ1XICoCes1aUo8jacCx7l7IrRY
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Dec 2022 11:01:42 GMT
pixel
cm.g.doubleclick.net/ Frame C281
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAR97SmtJb7oGOZJSFJXZ4s&google_cver=1&google_push=ASkJ3Fa61MW_97_jkgGiAAVfdllPgX3PaGYKWdiBHLYao_e5yManSFatufQwAbpe6757nfNxIP5pNjdN9Rc5x5GMmF6RSMDdWA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=61DA5620EAB5439EA8DCC690FDE41E98&google_push=ASkJ3Fa61MW_97_jkgGiAAVfdllPgX3PaGYKWdiBHLYao_e5yManSFatufQwAbpe6757nfNxIP5pNjdN9Rc5x5G...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=61DA5620EAB5439EA8DCC690FDE41E98&google_push=ASkJ3Fa61MW_97_jkgGiAAVfdllPgX3PaGYKWdiBHLYao_e5yManSFatufQwAbpe6757nfNxIP5pNjdN9Rc5x5GMmF6RSMDdWA
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=61DA5620EAB5439EA8DCC690FDE41E98&google_push=ASkJ3Fa61MW_97_jkgGiAAVfdllPgX3PaGYKWdiBHLYao_e5yManSFatufQwAbpe6757nfNxIP5pNjdN9Rc5x5GMmF6RSMDdWA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Dec 2022 11:01:43 GMT
google
match.adsrvr.org/track/cmf/ Frame C281 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESECGu6YcNwgYhWNrXlm5tnEM&google_cver=1&google_push=ASkJ3FaRfzOz_bQECCoqM0HzvwkFCuZwxAQbmAaW6UHX-pStQfj1B3XekebqWehMa4E4LaVmYr3Zal-lMTe5ZALmXKxwPQDEQP4
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C281
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEILgvRascOv3yTPUFahbYSc&google_cver=1&google_push=ASkJ3FZ2NQOzSklL2sTd5mQEdph2_sBoyvvJXw0I3pbMZ4SNCdypcRTmqQ87nMO53Y6-O7RJUeahpdvV3tPmXGwN...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6a1j1ZfESl2ng-Ypei_TVQ2&google_push=ASkJ3FZ2NQOzSklL2sTd5mQEdph2_sBoyvvJXw0I3pbMZ4SNCdypcRTmqQ87nMO53Y6-O7RJUeahpdvV3tPmXGwNzJcgrJH5NsM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6a1j1ZfESl2ng-Ypei_TVQ2&google_push=ASkJ3FZ2NQOzSklL2sTd5mQEdph2_sBoyvvJXw0I3pbMZ4SNCdypcRTmqQ87nMO53Y6-O7RJUeahpdvV3tPmXGwNzJcgrJH5NsM
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Dec 2022 11:01:43 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6a1j1ZfESl2ng-Ypei_TVQ2&google_push=ASkJ3FZ2NQOzSklL2sTd5mQEdph2_sBoyvvJXw0I3pbMZ4SNCdypcRTmqQ87nMO53Y6-O7RJUeahpdvV3tPmXGwNzJcgrJH5NsM
x-host
tde-deliveryengine-production-59bd69b6c9-lspb6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame C281
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIQLF-GzKZUa5lhx9VREBAw&google_cver=1&google_push=ASkJ3Fbd77mP6aWH2ZrOH_e19q30sD-65-FBImyPy5NoOjvgYyyB5P6TjNbsY9gwgng7zDy-kNLNNPq7DEu-1KDR_95wHW0...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fbd77mP6aWH2ZrOH_e19q30sD-65-FBImyPy5NoOjvgYyyB5P6TjNbsY9gwgng7zDy-kNLNNPq7DEu-1KDR_95wHW0tbLk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fbd77mP6aWH2ZrOH_e19q30sD-65-FBImyPy5NoOjvgYyyB5P6TjNbsY9gwgng7zDy-kNLNNPq7DEu-1KDR_95wHW0tbLk
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fbd77mP6aWH2ZrOH_e19q30sD-65-FBImyPy5NoOjvgYyyB5P6TjNbsY9gwgng7zDy-kNLNNPq7DEu-1KDR_95wHW0tbLk
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C281
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELXyDuRgbkO68-YfDEW0GSE&google_cver=1&google_push=ASkJ3FZ7zVvb14rlnl9rWZOwI7w9zdjpALlaxlFRi9l3KT4PweXOJkj4o9tptihivmNvGYggYSqOMEw1...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU1OTI3OTg0NzU1NDU0NTA3&google_push=ASkJ3FZ7zVvb14rlnl9rWZOwI7w9zdjpALlaxlFRi9l3KT4PweXOJkj4o9tptihivmNvGYggYSqOMEw1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU1OTI3OTg0NzU1NDU0NTA3&google_push=ASkJ3FZ7zVvb14rlnl9rWZOwI7w9zdjpALlaxlFRi9l3KT4PweXOJkj4o9tptihivmNvGYggYSqOMEw18NiCUkBNjBr6F9LmvQ
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU1OTI3OTg0NzU1NDU0NTA3&google_push=ASkJ3FZ7zVvb14rlnl9rWZOwI7w9zdjpALlaxlFRi9l3KT4PweXOJkj4o9tptihivmNvGYggYSqOMEw18NiCUkBNjBr6F9LmvQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C281
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC7pW1_R7zrUUhzpZyfFuKk&google_cver=1&google_push=ASkJ3FZzaXCHJ6iAv3ftr9mWcgn_VLS_ldRGf_sSs9t6xfaXTqk8UCPd5L3pSHMoogquI_3g3SJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLT1EyMEctQS1CNDJI&google_push=ASkJ3FZzaXCHJ6iAv3ftr9mWcgn_VLS_ldRGf_sSs9t6xfaXTqk8UCPd5L3pSHMoogquI_3g3SJ2SJW1KFA-dceYH1U_bZkzzQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLT1EyMEctQS1CNDJI&google_push=ASkJ3FZzaXCHJ6iAv3ftr9mWcgn_VLS_ldRGf_sSs9t6xfaXTqk8UCPd5L3pSHMoogquI_3g3SJ2SJW1KFA-dceYH1U_bZkzzQ
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLT1EyMEctQS1CNDJI&google_push=ASkJ3FZzaXCHJ6iAv3ftr9mWcgn_VLS_ldRGf_sSs9t6xfaXTqk8UCPd5L3pSHMoogquI_3g3SJ2SJW1KFA-dceYH1U_bZkzzQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame C281 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbS5DkoArxKhh5a01IBocookUSUQpSeRh7J28O_ewZDffa2s_pkzEHLgsLlglpuDUCgy5J
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame C8D6 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5225eda5acceb64c556236782420a1e8b8a834b6b096611d9c94687a70cea6cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/ Frame FA3B 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aae23a1a146a8276a47a9aaa6b54f499f8f433d9acf7ae65920fd168de57e42
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
212239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4695
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 00:04:24 GMT
expires
Sun, 10 Dec 2023 00:04:24 GMT
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 961B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_6zDFgqXY4OhCoKVjuwPy8qigAHxh7jybcnKk-y-EI6k3qCoMBABINGTwypgleKQgqAHoAGyisGqAcgBCakCIWSBO5uWqD7gAgCoAwHIA0iqBOkBT9AokI84XcEViIJ3p66uhj7jiG2I_NBHfxFHwhdlvJk7719dUynfUvNzG1Avz6gBJnmMuToWm5eravxZMkCH_kVGpYRBPadq5JCxBTn0VShkMX33VHShzIkbM12iT-t7rNA4962m3oFGInGQutFOQ6XLA8uMlQf0Rq18bkMhmCETjgFzsWjGUEUtLKI5nTEgkZbEKVDmLwoWYrqXJfhbjTdsnQRRDCG_zkZRGavEl2bwbewDSAdp3nIjQuQJfTGpaHBM3mz93HOZL30lX70__44thaTUFY_ssXth8RqKQVjDyZVe1BbPtELABNeFzKCiBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENz_FtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=ZRA1V_Vk8PA&uach_m=[UACH]&cid=CAQSPADq26N9exYGpJDW-9Wqmk2r-bo2pdzVB4oXDqYG6i1AKe4mE1VxGg6rnS1ED4pWvQGkVU6v9C9NbcGE5xgBIBM&template_id=419
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 961B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
82274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:10:29 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/ Frame 37AB 		79 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/index.html
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d7905fa09077aa06cee7ba762941085d180febf242cc617d28dff8c83ae9091
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
22192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18580
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 04:51:51 GMT
expires
Tue, 12 Dec 2023 04:51:51 GMT
last-modified
Sun, 04 Dec 2022 18:01:06 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C0C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtT6CFgqXY4WhCoKVjuwPy8qigAHD1pLlbZLi0L2NEY2CrImIIBABINGTwypgleKQgqAHoAHpxaqdAsgBCakC8RmeSZensT7gAgCoAwHIA0iqBOwBT9AaHXwW1BQpVAptmToGgUQUx2br4DtJtzErUV118_Tn6-UJKYGAOawUH_rVBIdLEf6ccnokwhjrLOHgFdqJlnXmrTKjL4m-0Fq5ukl8U3ULesA0sRmwulXbvoDg6xjyvwf3GHBcmUAaetftCueWTbiveBX2EJr5fT0Kf8PKrks-zr6nbup6V3E5tPG3g7xlIYrOSasdF-YNP-KRzUak2_b9mohLUxN0noAdXiLxlYX9fPX0EABxl8jy19nBUOU44s1MHlnnUbevd580L4rFrXBc6McKs_9Ne-fg7r8xeUIZ94cYHuVHxBeAOzzABM2xoPCgA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf_udXiAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEO7dXNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=BrueJClGwK0&uach_m=[UACH]&cid=CAQSPADq26N9exYGpJDW-9Wqmk2r-bo2pdzVB4oXDqYG6i1AKe4mE1VxGg6rnS1ED4pWvQGkVU6v9C9NbcGE5xgBIBM&template_id=419
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame C0C4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
82274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:10:29 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/ Frame 40E3 		81 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/index.html
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fc06035f10953cc5868542aa2d860fe71d206600affc2ef956f971095c9ecc7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26104
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18595
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 03:46:39 GMT
expires
Tue, 12 Dec 2023 03:46:39 GMT
last-modified
Sun, 04 Dec 2022 18:01:10 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C8E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1j0kFgqXY4ahCoKVjuwPy8qigAHD1pLlbark0L2NEdrSh7jdHBABINGTwypgleKQgqAHoAHpxaqdAsgBCakC8RmeSZensT7gAgCoAwHIA0iqBO0BT9DpsLt2Je82oWzwS2vMyuxXaPp0ZTGM2uQvKAMSG-Hhqw8OqdzGAYjcJCXnl21rj_bLjCgWQCNgJ_jAsjK3a9dHhnjLGLFqDHK8eX2m0qg2kvtDMxLpRhLjkdqML7A3RPiDo9ZR8R0OVlf_I3oqxDvRq9Z3CPVdOnhMOrYA3ZR8pR3CZzafzwQSFRaFZuSGFX4miTMmmgeBigPKHqg7WZhIi_cZZthzI05Vjy72u3DOoTNLtM8xD5W7NoUTAxtVqwtj_tQgy5zpzW6YUXTeB9ETeafdUq8PXUnPtPWidFb7m1fb8aS1mw979i4PwATNsaDwoAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_7nV4gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDirlbSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=HCq3nOgqaM4&uach_m=[UACH]&cid=CAQSPADq26N9exYGpJDW-9Wqmk2r-bo2pdzVB4oXDqYG6i1AKe4mE1VxGg6rnS1ED4pWvQGkVU6v9C9NbcGE5xgBIBM&template_id=419
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame C8E0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
82274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:10:29 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F0BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRb8GFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhAJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8vaSroTBC5a4N-J9xP3tHN4QYh6FcHiax-8xI9FGS0lbBW63yXQ_eAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=-1RK6_LP3Fo&uach_m=[UACH]&cid=CAQSPADq26N9exYGpJDW-9Wqmk2r-bo2pdzVB4oXDqYG6i1AKe4mE1VxGg6rnS1ED4pWvQGkVU6v9C9NbcGE5xgBIBM
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame F0BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5RKwCkAOdg2ICAgAAAPhK5wT9N68YUwfGnGMh-yoQFgqXY3unmZa4355pRC_oABIAAA&wp=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
299668
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame E57D 		216 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
10044a2e303d46b47a2b9a53f787b399c9d112c0bd991d375517d9562d091b09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:43 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JAW2PrVHwD-DmwKRfH_SuCFaR8MpKQd5A_7sOcTgo1fg5anHlnsrpAEaJD3aS3B451Hbgq-l_yF6xBFpEmkrhUELM83Eds_HR3jULrs_ta2eF0XOYTh7Asr5MKx1TtlzdMC8kJ1ZsttTNx_hiTMr6DrEEIS9vVeO35tNxkDrZmx2ows6Adwi04JoEk4u6QhhdebMJ2H25_NdlWEOqdW9syi3h5SZw3H0X1IEwlGl9DrsSJWrXfVa1PH3vtaN9jlunTqESQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
124810629
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame F0BF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
10563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 08:05:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0D04 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 09:30:19 GMT
etag
48472445140208031
expires
Tue, 13 Dec 2022 09:30:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame F0BF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
82274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:10:29 GMT
l
www.google.com/ads/measurement/ Frame F0BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlCdIe_MpJXXZpp9gOeynaI5myYyC9sC2iJlvhOl0xZmNMUAIlbjYf5BLY4zUPMCBU7gvUztp87wm2X9W2ve9z4vV9_A
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F0BF 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 22:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
392286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Dec 2023 22:03:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F0BF 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 11:01:43 GMT
animejs.js
static.criteo.net/animejs/ Frame 9AB5 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
img
pix.eu.criteo.net/img/ Frame 9AB5 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=156&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F05c244b8e1cf40f39dbba9559c8c38e9_blue.png&v=3&w=196&s=4nM4rldWNncRLzzB1YZyX8hw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30145219
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6722
expires
Sun, 26 Nov 2023 08:42:03 GMT
img
pix.eu.criteo.net/img/ Frame 9AB5 		878 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FP%2FlogoP-S-P-P-KONIGSTEINER-PERSONALBERATER-AG-121787DE.gif%3Feb%3D1&v=3&w=400&s=DckfQEIV0II1GSz2KxIyQdQz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d22818a503c6fb6623b58bf4ab2239cdcadc5f86891f47f11692ced0cf536ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2407628
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
878
expires
Mon, 09 Jan 2023 07:48:52 GMT
img
pix.eu.criteo.net/img/ Frame 9AB5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1897527
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1584
expires
Tue, 03 Jan 2023 10:07:10 GMT
img
pix.eu.criteo.net/img/ Frame 9AB5 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoRENTASTICS-GmbH-Co-KG-230068DE-2212071625.gif%3Feb%3D1&v=3&w=400&s=DlvA4vXPr1V-RXshYzEmPdyE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3c99eaa50383c51f7ebfb8df23a585ce696b836f6ff4bf8983c9004e12bb4a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2193087
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5545
expires
Fri, 06 Jan 2023 20:13:10 GMT
all
csm.eu.criteo.net/ Frame 9AB5 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lJXN77VHwD-DmwKR28V955OYQqRerEYVTUx-2lFpH6YSPgkN9AL_0WCXw19SFzBhpp-zC8D6xOU2KAJ4tHKWCXS_609YksiiktcnSNr9flck02vl4fb4VYVxpXZMgBVjVeW5vBCAgOCTULtbljwOCXsmPihgDITjE4oylvvRg4nXB14dX_BoQ0uNv2eMIcAofc_L0KrX8llJzNoHDNIQAuvY5JTJm5fa6TlibK_2Jk_kc7C7xAiakveJWSubmU4HfepLoQ&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 11:01:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9AB5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9AB5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
x-request-id
52a7aad7-842b-4b54-8251-44f7aff7044f
x-vad-version
0.9.13

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sports.walla.co.il
x-cloud-trace-context
c796c93b8c3cc849e880946baad5f76c
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FA3B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 13:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
78563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 12 Dec 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FA3B 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
54517
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 12 Dec 2022 19:53:06 GMT
120fb889c9d3d02c8d3dd0555cf62ab3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/ Frame FA3B 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/120fb889c9d3d02c8d3dd0555cf62ab3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 09 Dec 2022 05:22:45 GMT
age
279538
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30375
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 05:22:45 GMT
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://sports.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 12 Dec 2022 11:01:43 GMT
server
Google Frontend
x-cloud-trace-context
b49a294834351a791c4c189584155f41
x-request-id
undefined
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 37AB 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 13 Dec 2022 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 37AB 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
54517
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 12 Dec 2022 19:53:06 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 40E3 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 13 Dec 2022 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 40E3 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
54517
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 12 Dec 2022 19:53:06 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=910dd6b184fef584c34d4c46b1a24b00_1769_1670842903098&tm=3404&eT=0&widgetWidth=325&widgetHeight=57&widgetX=650&widgetY=3784&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=542&oo=true&lo=2152&odbreq=5115&odbres=5656&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:43 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
1a6800140387fdf60632a57d16f8ce82
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=6&rand=47886&key=NANOWDGT01&widgetJSId=SF_10&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=4232&vpd=3032&pubInState=1&cw=325&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6d55aa7c6d3c78b7f39029d1cd0e4acd8463ef924b238cb978117f1712e879e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842903.488052,VS0,VE199
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21950-LGA, cache-fra-eddf8230043-FRA
x-traceid
eaa8395cb573ff65549e590d51ed2d3d
accept-ranges
bytes
content-length
6400
expires
Thu, 01 Jan 1970 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E57D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E57D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E57D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 07 Dec 2023 11:01:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E57D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 07 Dec 2023 11:01:43 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame E57D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jn282QJ6N5xdH3oldp0yrA2cxHXX1YV09YunnBR9oR_k4a5O3R1hZ2M2ErD5ogj8wgvsyeo2iYO7zrSJ4-Qz-lpg_LFFPmY9_xoBhN3xoUUctFTRCzgnk_NXt-ghZwRCgsD9KkSUug1QHWFa-imOYceSWbbjbMsSrRTABWinWihF6BovgEfODTEVv-6pLZzl93ioLLYkxjQWNDu7z9c0oimVksvS1X9xrzYRn0ZUtvqA2BYi723Fnsgz9tg8F6ltYEVThpoQcFWZSnTmBH9zb1w19fWuglX1zmnPENRi_Zp-9W8sM-pGK8fwy5txRjH7crW2gRzDq3d3jTxAgxhoeI8DCC8qu3hI68Rk5V5kmxv6WHusgn9AjJQA6OkaQCT-VJCjttMhgSkK6GNIC0Y5FNPCrZAkcnEXEfP02ESZx9luxbGFRL4HdNYZxeO4tJBRre9O1Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3004074
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame E57D 		44 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1670842903
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
xXD5JylboHfoj23FNMTUFryvFM2ru5zx_4MJGMRu-Qr4coCI-4TUkw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C6A7 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1979
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 10:28:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 961B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
10563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 08:05:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 961B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
82274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:10:29 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1E27 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1979
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 10:28:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame C0C4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
10563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 08:05:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame C0C4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
82274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:10:29 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2123 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1979
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 10:28:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame C8E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
10563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 08:05:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame C8E0 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
82274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:10:29 GMT
dpixel
cms.quantserve.com/ Frame 0D04 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEqB1t49CXW8eQcNuFR3MTM&google_cver=1&google_push=ASkJ3Fanh9_od3RIiwCKk8Jbn04-y6VdIGbUcgiDFKDm3L2TDzl1gcSZ1X_7PTbGSIYxV0mNfzwkXtv1UWh3MCtx7VBqDVoXHk0MmQ
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 0D04 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBEso9D5dGunDq_7A6OBJn0&google_cver=1&google_push=ASkJ3Fa45CebrjEil6XLEOSXPdkM-gEO7kKMdSb6W0kJ6KBKBPHqrXscg1E8qrUF0FVcfW8Fn1Cw_O51j1s7WmnBdIGnmYPVGq1Ihg
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 0D04
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAQIObNA0eAmdzilgda-ERE&google_push=ASkJ3Fa6HdjwcfjkYv9rxT3FFLA06772txBkhAsIQhRR9jIBNfdZ93aQYs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAQIObNA0eAmdzilgda-ERE&google_push=ASkJ3Fa6HdjwcfjkYv9rxT3FFLA06772txBkhAsIQhRR9jIBNfdZ93aQYsGZ8tdZzSoW8mF5CK5tBDAnAIptvYYpIjUuynqEeOR1Yw
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220092-HHN
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1670842904.574686,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAQIObNA0eAmdzilgda-ERE&google_push=ASkJ3Fa6HdjwcfjkYv9rxT3FFLA06772txBkhAsIQhRR9jIBNfdZ93aQYsGZ8tdZzSoW8mF5CK5tBDAnAIptvYYpIjUuynqEeOR1Yw
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 0D04
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJnef1Z7N8mfNalwz7dn_kY&google_cver=1&google_push=ASkJ3FZDUJx_c5lY0gfuDyAugZnOXGMr9_2wLPojKcZoCGv94bFkUCOM5AKv57S9LCd8lwdGmO918qDf3f85fvpkDu8K...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJnef1Z7N8mfNalwz7dn_kY&google_cver=1&google_push=ASkJ3FZDUJx_c5lY0gfuDyAugZnOXGMr9_2wLPojKcZoCGv94bFkUCOM5AKv57S9LCd8lwdGmO918qDf3f85fv...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=80f72ff1-e5f2-4b43-a3e3-22415b24558e
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=80f72ff1-e5f2-4b43-a3e3-22415b24558e
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=95c45a2a-91c3-4885-917f-64ae31716afb&ssp=google&expires=30&user_group=5&bsw_param=80f72ff1-e5f2-4b43-a3e3-22415b24558e
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZDUJx_c5lY0gfuDyAugZnOXGMr9_2wLPojKcZoCGv94bFkUCOM5AKv57S9LCd8lwdGmO918qDf3f85fvpkDu8Ko4W8XgyXdw&google_hm=gPcv8eXyS0Oj4yJBWyRVjg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZDUJx_c5lY0gfuDyAugZnOXGMr9_2wLPojKcZoCGv94bFkUCOM5AKv57S9LCd8lwdGmO918qDf3f85fvpkDu8Ko4W8XgyXdw&google_hm=gPcv8eXyS0Oj4yJBWyRVjg==
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZDUJx_c5lY0gfuDyAugZnOXGMr9_2wLPojKcZoCGv94bFkUCOM5AKv57S9LCd8lwdGmO918qDf3f85fvpkDu8Ko4W8XgyXdw&google_hm=gPcv8eXyS0Oj4yJBWyRVjg==
date
Mon, 12 Dec 2022 11:01:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dds
rtb.openx.net/sync/ Frame 0D04 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKNoHEdJkydGkB-ISWam-vY&google_cver=1&google_push=ASkJ3FYGpvvUZtMH8NitbMCwmB7tzgwC5iExJdjHXxNyTN0qFFdel1KbsRaPnXMsAXLAKeNqVAc_rx_fgnr2PfAFbvR5agy-cNWyew
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:42 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
5um9va6t2cgdnnlh9dabdttvifqms4fq
pixel
cm.g.doubleclick.net/ Frame 0D04
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ZO9P9MVTpKtwYwBSEjjmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ZO9P9MVTpKtwYwBSEjjmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbvQy_-7T3BApfFJVl-1Y2hhGue7cvtwJm2DzD-OJ3q8xstbMvozUQqfHZMXre3UzSe3YDDD53z4P934tclauRdaHjqXd5uiA
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ZO9P9MVTpKtwYwBSEjjmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbvQy_-7T3BApfFJVl-1Y2hhGue7cvtwJm2DzD-OJ3q8xstbMvozUQqfHZMXre3UzSe3YDDD53z4P934tclauRdaHjqXd5uiA
date
Mon, 12 Dec 2022 11:01:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0D04
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECw-ANsG0hMmQHOs-ReZf5Y&google_cver=1&google_push=ASkJ3FZNT4jwIoCefD7c4hGdbjmoyIKMjrjP2BLtLfsTZ9Lq8yhYOU6tKPsOJod_w2hd4GMJVt7wx1_w0eQQGOCNQ2H6tw1X40...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FZNT4jwIoCefD7c4hGdbjmoyIKMjrjP2BLtLfsTZ9Lq8yhYOU6tKPsOJod_w2hd4GMJVt7wx1_w0eQQGOCNQ2H6tw1X40B...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk2OTgxOTA3MzY3ODQwNzU0MjY2MQ%3D%3D&google_push=ASkJ3FZNT4jwIoCefD7c4hGdbjmoyIKMjrjP2BLtLfsTZ9Lq8yhYOU6t...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk2OTgxOTA3MzY3ODQwNzU0MjY2MQ%3D%3D&google_push=ASkJ3FZNT4jwIoCefD7c4hGdbjmoyIKMjrjP2BLtLfsTZ9Lq8yhYOU6tKPsOJod_w2hd4GMJVt7wx1_w0eQQGOCNQ2H6tw1X40BpYQ
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk2OTgxOTA3MzY3ODQwNzU0MjY2MQ%3D%3D&google_push=ASkJ3FZNT4jwIoCefD7c4hGdbjmoyIKMjrjP2BLtLfsTZ9Lq8yhYOU6tKPsOJod_w2hd4GMJVt7wx1_w0eQQGOCNQ2H6tw1X40BpYQ
date
Mon, 12 Dec 2022 11:01:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 0D04 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IySYnZQUBXFIUcDeBDPHxY13mcMddQlJ0MYm238gX2yv9wir579zvH2ebqBebO6Q5KYaNv
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame F0BF 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4f4be8062c1772de7efc7a8bceae84f2ee407b0825bfdc1f0fb00edafd95aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame FA3B 		6 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 09:50:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Dec 2022 11:01:43 GMT
14986c7a3fcbf331142efc1cfe3dea91.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/ Frame FA3B 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/14986c7a3fcbf331142efc1cfe3dea91.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f806647f88d37d884d78bdfa4bd50754cb4d3dcd8fc52c2a82ffc11e6350cfb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 09 Dec 2022 19:23:39 GMT
x-content-type-options
nosniff
age
229084
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31561
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 19:23:39 GMT
28f5d8da66c1978538f89b2583693dfa.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/ Frame FA3B 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/28f5d8da66c1978538f89b2583693dfa.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fab16292a66e362f856092e0fb1fe26eeec7c620fbbfa383c7ebf7d77be81d8f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 09 Dec 2022 03:47:31 GMT
x-content-type-options
nosniff
age
285252
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41214
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 03:47:31 GMT
undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/ Frame FA3B 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/undefinedz9njpo
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:44 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 12 Dec 2022 11:01:44 GMT
animejs.js
static.criteo.net/animejs/ Frame E57D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1897526
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1584
expires
Tue, 03 Jan 2023 10:07:10 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoRENTASTICS-GmbH-Co-KG-230068DE-2212071625.gif%3Feb%3D1&v=3&w=400&s=DlvA4vXPr1V-RXshYzEmPdyE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3c99eaa50383c51f7ebfb8df23a585ce696b836f6ff4bf8983c9004e12bb4a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2193086
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5545
expires
Fri, 06 Jan 2023 20:13:10 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		878 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FP%2FlogoP-S-P-P-KONIGSTEINER-PERSONALBERATER-AG-121787DE.gif%3Feb%3D1&v=3&w=400&s=DckfQEIV0II1GSz2KxIyQdQz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d22818a503c6fb6623b58bf4ab2239cdcadc5f86891f47f11692ced0cf536ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2407628
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
878
expires
Mon, 09 Jan 2023 07:48:52 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=YAIFeLPAH54uGQl3I5DObQ3q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29872989
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19171
expires
Thu, 23 Nov 2023 05:04:53 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoDaimler-Truck-AG-237413DE-2201251529.gif%3Feb%3D1&v=3&w=400&s=K0xCXnqyAUM6BcVSLGwxl4fU&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
56a55bbe74ec3365a7eccdb7f95f07a1b6f2dbf69726dfdf9e51e1053e2d3e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=648055
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1552
expires
Mon, 19 Dec 2022 23:02:39 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoSV-SparkassenVersicherung-51781DE-2008120925.gif%3Feb%3D1&v=3&w=400&s=aRdX_u8Lmehcv6lsfkpPZYoA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
74024ec471def17a6d2835f88223678a094f8c10ccda405a0543445c31945519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=19841
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1050
expires
Mon, 12 Dec 2022 16:32:25 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoCMS-Hasche-Sigle-Partnerschaft-von-Rechtsanwaelten-und-Steuerberatern-mbB-93153DE-2104070904.gif%3Feb%3D1&v=3&w=400&s=80hTzjFu_y1FF3pHLDFU6cFg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
c4a6d78d55951081d4fca1d9c4058b3db7ee701ab7c4409f43825e0dc3dda334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1767975
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6022
expires
Sun, 01 Jan 2023 22:07:59 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoL-S-DEUTSCHLAND-GmbH-223703DE-2209301458.gif%3Feb%3D1&v=3&w=400&s=CcC8SYBiAgHc0KThPHBQrb9H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
1399b0d28fc31887b246910d39be00f6737a38225f6d2d587d8fd346e5e3a255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=1560062
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1216
expires
Fri, 30 Dec 2022 12:22:45 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FH%2FlogoHettich-Unternehmensgruppe-110806DE.gif%3Feb%3D1&v=3&w=400&s=5KByOrgLP2akzWtu0BLZbtMC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
0323ed70ae5cf95f463819fcd504fadce3f7006545774bd0e3279d4869db9315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=25
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2020
expires
Mon, 12 Dec 2022 11:02:08 GMT
img
pix.eu.criteo.net/img/ Frame E57D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoDACHSER-SE-4891DE-2003241016.gif%3Feb%3D1&v=3&w=400&s=Js2skOQQI0PMzENBG38ZT6qL&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d8f169f581e9e8d07c8e5a0cec347ca2a1e05452725c9bbc3063808a0a720c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1446963
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4666
expires
Thu, 29 Dec 2022 04:57:47 GMT
all
csm.eu.criteo.net/ Frame E57D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JAW2PrVHwD-DmwKRfH_SuCFaR8MpKQd5A_7sOcTgo1fg5anHlnsrpAEaJD3aS3B451Hbgq-l_yF6xBFpEmkrhUELM83Eds_HR3jULrs_ta2eF0XOYTh7Asr5MKx1TtlzdMC8kJ1ZsttTNx_hiTMr6DrEEIS9vVeO35tNxkDrZmx2ows6Adwi04JoEk4u6QhhdebMJ2H25_NdlWEOqdW9syi3h5SZw3H0X1IEwlGl9DrsSJWrXfVa1PH3vtaN9jlunTqESQ&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E57D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E57D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:01:43 GMT
l
www.google.com/ads/measurement/ Frame 961B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhwS59Us-JV61G4VdM6ju1ngJnmOqIIIl06SUPscAvBWK_60HliVO5dV-Eyok8LLJmVGqolSgal-tAFil7w4jzC8v3Ew
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 961B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 11:01:43 GMT
l
www.google.com/ads/measurement/ Frame C0C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyOghiwmv3J5VeDOt5wuhS5A-PYFLSsGj-L_WfouvYdp0iNrh1ivqLG6G2xTeLcwhIJq5yZxAXqcBVIznlt_XgMAIJ7w
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C0C4 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 11:01:43 GMT
l
www.google.com/ads/measurement/ Frame C8E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSRbiy5J8fT__XmR7UmQGZjYmFKFpq25Cr3xcn9fPi5qgLfHs5BaZ1KEVDCi7cJKRdECfMa9kwcldPuwFSrc_cSyepuw
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8E0 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 11:01:43 GMT
truncated
/ Frame 961B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bf6b15485e8d21230ae7b74de727083c1ee57be8a9c77bdf17e617c188f13d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C0C4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bcb0d122114c7e64470f4a4bee469cb80936799f479f6991b9c67328223b9c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C8E0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8542470df04005d0ce153a6498d5f5553fc93e2a2e1aac58566a0c266faa21ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame C6A7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:43 GMT
expires
Mon, 12 Dec 2022 11:01:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:43 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1E27
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:43 GMT
expires
Mon, 12 Dec 2022 11:01:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:43 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=35dd1ef512aeb489dd77c4f4a51710c7_1769_1670842903635&tm=3767&eT=0&widgetWidth=325&widgetHeight=57&widgetX=650&widgetY=4193&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=357&oo=true&lo=2152&odbreq=5662&odbres=6018&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:43 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
f20fc8a5b4cdc576b55661314701d6d4
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=7&rand=80265&key=NANOWDGT01&widgetJSId=SFC&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=4362&vpd=3162&pubInState=1&cw=635&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0fc51bdb2e4a1b48c73604f7da8f2adc80338595211c52bb1fccb82bb978f912

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842904.846507,VS0,VE206
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21976-LGA, cache-fra-eddf8230043-FRA
x-traceid
974160ce23c7f1bd1b5a43af2f2e9d9a
accept-ranges
bytes
content-length
9573
expires
Thu, 01 Jan 1970 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2123
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:43 GMT
expires
Mon, 12 Dec 2022 11:01:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:43 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 37AB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 17:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 17:53:54 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/ Frame 37AB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/logo.png
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab17899d2db7d959abc52e87bcf0deae0689ac69d781adc04649acf8ff07b03a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 04:51:21 GMT
x-content-type-options
nosniff
age
22222
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2983
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 04:51:21 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/ Frame 37AB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/txt1.png
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19870be49828c1b8ec2210313a64fd51e819df0dca1f8fd9a558dfc004c363a8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 04:51:21 GMT
x-content-type-options
nosniff
age
22222
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11670
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 04:51:21 GMT
70_years_of.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/ Frame 37AB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/70_years_of.png
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a01ca51778260eb823b7905bfcc7cb70b7d5a72cc4302bdf64cce835dd46383
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 04:51:21 GMT
x-content-type-options
nosniff
age
22222
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11247
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 04:51:21 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/ Frame 37AB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/cta.png
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bc650b97a11b723bab20d8919016b2cc00a9eb3b1ba6b057490dbb02c21a918
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 04:51:21 GMT
x-content-type-options
nosniff
age
22222
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1413
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 04:51:21 GMT
image_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/ Frame 37AB 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/image_1.jpg
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ab96f05a359645c1fc3afe581857a36eea7c62f3c8fc039aa7435451a7f744b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 04:51:21 GMT
x-content-type-options
nosniff
age
22222
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27684
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 04:51:21 GMT
image_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/ Frame 37AB 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1994317184232231449/image_2.jpg
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7fad3fbd54709c393fe979997e730318ed38fa7a5917890490a68aea4a723e2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 04:51:21 GMT
x-content-type-options
nosniff
age
22222
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67504
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 04:51:21 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 40E3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 17:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 17:53:54 GMT
Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/ Frame 40E3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/Logo.png
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a578c3a897cea87a09b2cabb1774599707be18402aa80dc77ad4f34823f4b9f0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 05:03:01 GMT
x-content-type-options
nosniff
age
21522
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3008
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 05:03:01 GMT
Txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/ Frame 40E3 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/Txt1.png
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d8660dfd8a943ae4ff25a2df0d7358f03a0b9026a4738c9326218c060daecf1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 05:03:01 GMT
x-content-type-options
nosniff
age
21522
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10118
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 05:03:01 GMT
IMG1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/ Frame 40E3 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/IMG1.jpg
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1dabb07fff7f4405130d1edde0f56ea353ec4f13cabfe5a9109c913a6a82928c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 05:03:01 GMT
x-content-type-options
nosniff
age
21522
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44938
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 05:03:01 GMT
Txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/ Frame 40E3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/Txt2.png
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6478f04d4caa774f764d9946212ac1b54edbb4555b02533cef242676f2856b4c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 05:03:01 GMT
x-content-type-options
nosniff
age
21522
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16305
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 05:03:01 GMT
CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/ Frame 40E3 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/CTA.png
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70ee608b13a76203a36b50e3ef986c754a4a07657ac381ac6cf56655595a3b01
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 05:03:01 GMT
x-content-type-options
nosniff
age
21522
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1513
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 05:03:01 GMT
IMG2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/ Frame 40E3 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13427559203645464275/IMG2.jpg
Requested by
Host: 85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0ff0f3d2464f3bf4e3e6f66f85cedcc5c38c030f90fa5c630818084fa135906
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 05:03:01 GMT
x-content-type-options
nosniff
age
21522
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41501
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:01:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 05:03:01 GMT
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:44 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Wed, 11 Jan 2023 11:01:44 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=713d5032342a7e7483c091433b371c83_1769_1670842903988&tm=4065&eT=0&widgetWidth=635&widgetHeight=232&widgetX=650&widgetY=4322&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=292&oo=true&lo=2152&odbreq=6025&odbres=6316&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:44 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
49de000ceb9befa7a0c6589feb1696ea
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=8&rand=172&key=NANOWDGT01&widgetJSId=SF_10&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=4875&vpd=3675&pubInState=1&cw=325&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3511b464f42d851a338d165b12d2e3a1388ce2c399cf1214f946002df9436150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842904.145486,VS0,VE199
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21957-LGA, cache-fra-eddf8230043-FRA
x-traceid
19ab20bc0c32e3bbee9bec06c1d196ed
accept-ranges
bytes
content-length
6333
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C8D6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3JUYXCn02uIc_D-voueWy5u1ogEWALzJ8xQD2cDMBCegyKWbx_YdTpKWUXYg0SLgS2WfCpqaiXEuYGVcXFb9R-qM&sig=Cg0ArKJSzO-5DQmZdwH9EAE&cid=CAASF-RoP4o2CwdIS9HNLQ_nHKTQDnMsgLVS&id=lidar2&mcvt=1000&p=1120,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=578455068&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670842902294&rpt=860&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame FA3B 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:48:04 GMT
x-content-type-options
nosniff
age
224020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 20:48:04 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame FA3B 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 17:51:13 GMT
x-content-type-options
nosniff
age
580231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 17:51:13 GMT
Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame FA3B 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:05:28 GMT
x-content-type-options
nosniff
age
255376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20496
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 12:05:28 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ Frame FA3B 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 23:13:55 GMT
x-content-type-options
nosniff
age
560869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21440
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:57:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 23:13:55 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=97e596f8a0e65bac0d9573b750cf6ed5_1769_1670842904295&tm=4280&eT=0&widgetWidth=325&widgetHeight=57&widgetX=650&widgetY=4835&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=208&oo=true&lo=2152&odbreq=6324&odbres=6532&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:44 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
57a11667a5286caae34c88260e26ef35
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=9&rand=71361&key=NANOWDGT01&widgetJSId=SF_10&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=5270&vpd=4070&pubInState=1&cw=325&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ad4d8ae51db4b533f6a4f3cfcc86513b71f4a352f0c538dc648adafc4ba5c59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842904.358653,VS0,VE218
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13620-LGA, cache-fra-eddf8230043-FRA
x-traceid
2872c3d8db7c36e40b6817546903f309
accept-ranges
bytes
content-length
6402
expires
Thu, 01 Jan 1970 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 9AB5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lJXN77VHwD-DmwKR28V955OYQqRerEYVTUx-2lFpH6YSPgkN9AL_0WCXw19SFzBhpp-zC8D6xOU2KAJ4tHKWCXS_609YksiiktcnSNr9flck02vl4fb4VYVxpXZMgBVjVeW5vBCAgOCTULtbljwOCXsmPihgDITjE4oylvvRg4nXB14dX_BoQ0uNv2eMIcAofc_L0KrX8llJzNoHDNIQAuvY5JTJm5fa6TlibK_2Jk_kc7C7xAiakveJWSubmU4HfepLoQ&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 11:01:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
unip
trc-events.taboola.com/1245572/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=4718&scd=21&ssd=1&est=1670842899784&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670842904503&vi=1670842899781&ri=15499e273d289dc852b1f0af102ee293&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
https://sports.walla.co.il
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame FA3B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 17:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 17:53:54 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Dec 2022 11:01:44 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 34E7 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=ad94b01932182c1e25e5467436db6787_1769_1670842904519&tm=4536&eT=0&widgetWidth=325&widgetHeight=57&widgetX=650&widgetY=5230&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=251&oo=true&lo=2152&odbreq=6537&odbres=6788&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:44 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
816b50c58ab1ea56c18198b0d80f18e3
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=10&rand=46404&key=NANOWDGT01&widgetJSId=SF_10&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=5650&vpd=4450&pubInState=1&cw=325&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b060d2099b391baa423c783e619e98834409e3e59076a6e4d482dd100d3994f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842905.617121,VS0,VE202
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21952-LGA, cache-fra-eddf8230043-FRA
x-traceid
a3b3fab8343090d6114fbcceb81ae5ec
accept-ranges
bytes
content-length
6335
expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Dec 2022 11:01:44 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=21ec7f026b8cc32f9be480112886479a_1769_1670842904770&tm=4755&eT=0&widgetWidth=325&widgetHeight=57&widgetX=650&widgetY=5611&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=211&oo=true&lo=2152&odbreq=6796&odbres=7006&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:44 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
ae6df89da6c36d23b1cbc469c60e3731
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=11&rand=26033&key=NANOWDGT01&widgetJSId=SF_10&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=6023&vpd=4823&pubInState=1&cw=325&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c1d0af68c6ff7f7731e3f3388714d3dc3b815f8f9f56b8aa7724ac67b7d6b159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842905.834453,VS0,VE231
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230043-FRA
x-traceid
70fb113498675627c3bee2e3a599819d
accept-ranges
bytes
content-length
6397
expires
Thu, 01 Jan 1970 00:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsports.walla.co.il%2F&domain=sports.walla.co.il&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=FYRWanxaTmlLd3kzWGlyU25DQXE0eTd4djZXRGNtM1BlMkRqbFphMnFqelVGdjEwdlptMzRvSEdkZTJueTRZeVhwemFlaHNwYlNGZzRVVlUwMGdDVGU5ZWdYRERBY1BMS2lZQmNRalpoVDFKOC84UklOQTNkRTA2T1RkcV...
359 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FYRWanxaTmlLd3kzWGlyU25DQXE0eTd4djZXRGNtM1BlMkRqbFphMnFqelVGdjEwdlptMzRvSEdkZTJueTRZeVhwemFlaHNwYlNGZzRVVlUwMGdDVGU5ZWdYRERBY1BMS2lZQmNRalpoVDFKOC84UklOQTNkRTA2T1RkcVhKVCtqeTlYci9BVzhjVUhib1RVbTlYdWpISWpITS8rWDMvKzk0bVd3MW5seDJ4SEtvRlkwcWt3MlBPNzJzU2ROUFgzUmdSTDhQVVUwZlZlN2VVeE8rdkNidU00c1RzMWl4dStjZi9tM2pEQjB5SlRiaVdHL1Z3RUczcmVkb3ppdTRydnNiL0U2fA&cppv=2
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
60201970de40a5153d5f3666825679dd293fc86a87b127223cb974b283352e04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1136909
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=FYRWanxaTmlLd3kzWGlyU25DQXE0eTd4djZXRGNtM1BlMkRqbFphMnFqelVGdjEwdlptMzRvSEdkZTJueTRZeVhwemFlaHNwYlNGZzRVVlUwMGdDVGU5ZWdYRERBY1BMS2lZQmNRalpoVDFKOC84UklOQTNkRTA2T1RkcVhKVCtqeTlYci9BVzhjVUhib1RVbTlYdWpISWpITS8rWDMvKzk0bVd3MW5seDJ4SEtvRlkwcWt3MlBPNzJzU2ROUFgzUmdSTDhQVVUwZlZlN2VVeE8rdkNidU00c1RzMWl4dStjZi9tM2pEQjB5SlRiaVdHL1Z3RUczcmVkb3ppdTRydnNiL0U2fA&cppv=2
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
660485
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsports.walla.co.il%2F&domain=sports.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sports.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Dec 2022 11:01:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
500017
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8103 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40635
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Dec 2022 11:01:45 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
34, 262469
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220046-HHN
X-Timer
S1670842905.049884,VS0,VE0
pd
u.openx.net/w/1.0/ Frame E979 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 12 Dec 2022 11:01:45 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 43EF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Dec 2022 11:01:45 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6A04 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40635
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Dec 2022 11:01:45 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
34, 261624
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220097-HHN
X-Timer
S1670842905.051772,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7EF3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90160
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Dec 2022 12:04:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame BB31 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
097558aeb196f61e34941cc2e32482d63f1243dc4bd2c9683e341ef17c32441e

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6bc6827922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AD63 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40635
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Dec 2022 11:01:45 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
34, 255845
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220079-HHN
X-Timer
S1670842905.050180,VS0,VE0
sync
eb2.3lift.com/ Frame B248 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 12 Dec 2022 11:01:45 GMT
/
csync.smilewanted.com/ Frame 48A5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
097558aeb196f61e34941cc2e32482d63f1243dc4bd2c9683e341ef17c32441e

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6bc682f922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 974F 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 12 Dec 2022 11:01:45 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 7D6F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670842903303
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 1E35 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
163
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7785f6bcbe46bb67-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
expires
Mon, 12 Dec 2022 15:01:45 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 534D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90160
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Dec 2022 12:04:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame B3D4 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 12 Dec 2022 11:01:45 GMT
/
onetag-sys.com/usync/ Frame C6A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670842901773
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 5CFE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
163
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7785f6bcbe4abb67-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
expires
Mon, 12 Dec 2022 15:01:45 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A6B4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40635
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Dec 2022 11:01:45 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
34, 261144
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220096-HHN
X-Timer
S1670842905.053141,VS0,VE0
beacon
ap.lijit.com/ Frame 00BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13421168
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670803200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Mon, 12 Dec 2022 11:01:45 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 7EF3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29721513&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6c5e01bd7a87b69d72c760edcc4d7a177ef569c48c74d2f335adf502ce2b0909

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 12 Dec 2022 11:01:44 GMT
content-length
1993
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 43EF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e54e339a41265068661fd05fd9740c7fa1c2a7a2d4f5b9e2b268d55833b3f7fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Dec 2022 20:26:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33898
Connection
keep-alive
Content-Length
10065
Expires
Mon, 12 Dec 2022 20:26:43 GMT
async_usersync
ib.adnxs.com/ Frame 8103 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
AN-X-Request-Uuid
2c7a3679-8cce-473c-af94-132812c1223d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AD63 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
AN-X-Request-Uuid
d2b6f338-790d-4b6b-87e5-49451512893e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6A04 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
AN-X-Request-Uuid
e8baff3c-7f92-4f07-b804-720d6ec705b6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 961B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZf7y94VvrzjTi2Y41-_tQK_L3wwY-NkEQNmPJ34ajFLMPIhhhoueCiDe-UGmzO4k0G3P8wBtY_N-9LZci-DvIDzp3U5CwNzqX4TIY3EqHijlY5Xuw55wkCvEmV2ThEMw3D7MW5Q&sai=AMfl-YRhJvX_8-QWGIUtlfFLUqePfvxHzfaN2qLaGq3Y_Qf-R_AvGkbBFLz31BvnlhLkDdh2jS1ZhrcXv6OHliWeGYRaoBmlQlE1t5Oxqt8sqy9tO8uMLVhdosZhbq0SemQ&sig=Cg0ArKJSzPR-wAH4obUKEAE&cid=CAQSPADq26N9exYGpJDW-9Wqmk2r-bo2pdzVB4oXDqYG6i1AKe4mE1VxGg6rnS1ED4pWvQGkVU6v9C9NbcGE5xgBIBM&id=lidar2&mcvt=1048&p=102,314,352,1284&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2574293897&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670842902875&rpt=1210&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A6B4 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
AN-X-Request-Uuid
346fd69e-e638-4b91-b4af-7a9e6b482708
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FYRWanxaTmlLd3kzWGlyU25DQXE0eTd4djZXRGNtM1BlMkRqbFphMnFqelVGdjEwdlptMzRvSEdkZTJueTRZeVhwemFlaHNwYlNGZzRVVlUwMGdDVGU5ZWdYRERBY1BMS2lZQmNRalpoVDFKOC84UklOQTNkRTA2T1RkcVhKVCtqeTlYci9BVzhjVUhib1RVbTlYdWpISWpITS8rWDMvKzk0bVd3MW5seDJ4SEtvRlkwcWt3MlBPNzJzU2ROUFgzUmdSTDhQVVUwZlZlN2VVeE8rdkNidU00c1RzMWl4dStjZi9tM2pEQjB5SlRiaVdHL1Z3RUczcmVkb3ppdTRydnNiL0U2fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Dec 2022 11:01:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
599675
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 410C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3f7f42c9a3a1d190f959f8de24fe8e5430e6b9344121c568a02a4d07a79115

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7785f6bd5d289143-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 11:01:45 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9iv%2FbsUn23lHh7KyyojU%2BfIwXtL0nuA%2B7k1MTmPRXdm92S0y5%2BAhd%2BsveVe6RGDczUiw9d9sPA8g285vTxFbTUk%2F1B8OMnl%2Fz2mGckvV7zs1GehWWmc%2FiVsPufFWJNGmae9gyl1BljGZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame DF79 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f538795737b59cf7295fedab2b9b974accf2449dc6b1fb80a92bc3210067a8f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7785f6bd5d3f9143-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 11:01:45 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNXRhIoOOmOaY0Ks4vPzyn0mKJ6pxGP4axyyIb9oCk%2FqTThB4ahQS9GRkqjZ1f%2B8yXvOAhy4m6cfcOi%2BjO9r8gxmD4E02t0eNEie4aU1ilYFSxc2tG%2Bn5vLz15vOx3N%2BbXJwA7ODPsHvkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 48A5 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1450690
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7785f6bd6987922c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=25a998b8ac2a3849e107e8d7e5458f01_1769_1670842905014&tm=5114&eT=0&widgetWidth=325&widgetHeight=57&widgetX=650&widgetY=5984&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=352&oo=true&lo=2152&odbreq=7013&odbres=7365&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:45 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
5d8d33cda5db5dc3e0183e57a66d39b2
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=12&rand=28907&key=NANOWDGT01&widgetJSId=SF_1&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=650&py=6166&vpd=4966&pubInState=1&cw=635&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
922f8a70ba589f1ff4eb0baf45103b3adc42f05161b45bfab6ab7dce092209fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842905.194130,VS0,VE122
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21945-LGA, cache-fra-eddf8230043-FRA
x-traceid
f424105997ebd8e61f803b736cc5ecff
accept-ranges
bytes
content-length
4171
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FE2A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=K0Ed8C0TFfAwSkKme0EJoihCHPYwFhz2eUT7AFjX
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=K0Ed8C0TFfAwSkKme0EJoihCHPYwFhz2eUT7AFjX
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 12 Dec 2022 11:01:45 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=K0Ed8C0TFfAwSkKme0EJoihCHPYwFhz2eUT7AFjX
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 633A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176215633735710867&gdpr=0&gdpr_consent=
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176215633735710867&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 12 Dec 2022 11:01:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176215633735710867&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 0173
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OOy_Hp7DQvxiW6M3xYRcWLnVm6g
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OOy_Hp7DQvxiW6M3xYRcWLnVm6g
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Dec 2022 11:01:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OOy_Hp7DQvxiW6M3xYRcWLnVm6g
Pug
image2.pubmatic.com/AdServer/ Frame 56E9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDSHFVN0hMaFFBQUNCUi1UUjhGdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACHqU7HLhQAACBR-TR8Fw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACHqU7HLhQAACBR-TR8Fw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACHqU7HLhQAACBR-TR8Fw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5489620644576826852&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACHqU7HLhQAACBR-TR8Fw&gdpr=0&gdpr_consent=
568 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACHqU7HLhQAACBR-TR8Fw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACHqU7HLhQAACBR-TR8Fw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0B74
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5cKFwADbRJdvQAF&gdpr=0&gdpr_consent=
1 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5cKFwADbRJdvQAF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 12 Dec 2022 11:01:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 12 Dec 2022 11:01:45 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5cKFwADbRJdvQAF&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220092-HHN
x-timer
S1670842905.202132,VS0,VE0
Artemis
aud.pubmatic.com/AdServer/ Frame 7EF3
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Dec 2022 11:01:45 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 7EF3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DD93BD3F-D315-4E92-ADC1-8C014848E39B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DD93BD3F-D315-4E92-ADC1-8C014848E39B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DD93BD3F-D315-4E92-ADC1-8C014848E39B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:44 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:44 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=DD93BD3F-D315-4E92-ADC1-8C014848E39B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 7EF3 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=DD93BD3F-D315-4E92-ADC1-8C014848E39B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7785f6bdca719019-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 7EF3
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
54.84.251.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-251-28.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7EF3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_6146d54b-dbd5-427a-856c-b3e2489be4a4&bsw_param=80f72ff1-e5f2-4b43-a3e3-22415b24558e&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 12 Dec 2022 11:01:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 12 Dec 2022 11:01:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
DD93BD3F-D315-4E92-ADC1-8C014848E39B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7EF3 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/DD93BD3F-D315-4E92-ADC1-8C014848E39B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:f9a9:36e4:6c12:d8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 7EF3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PGo6u4RE2uWfZO653NClG.PhIDevMu8-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PGo6u4RE2uWfZO653NClG.PhIDevMu8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PGo6u4RE2uWfZO653NClG.PhIDevMu8-~A&gdpr=0&gdpr_consent=
date
Mon, 12 Dec 2022 11:01:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7EF3 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7EF3 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:44 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame BB31 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1450690
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7785f6bd89a7922c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 410C 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:f9a9:36e4:6c12:d8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 410C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5cKFwADbRJdvQAF
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5cKFwADbRJdvQAF
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220092-HHN
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670842905.253936,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5cKFwADbRJdvQAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 410C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:f9a9:36e4:6c12:d8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB
date
Mon, 12 Dec 2022 11:01:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 410C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8646241924767986126
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8646241924767986126
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8646241924767986126
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
bridge
cm.adgrx.com/ Frame 410C 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-2
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 410C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF2cAKkhuQ8pELFqGu91OJ0&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF2cAKkhuQ8pELFqGu91OJ0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqipmdxzoMi5i%2FoT%2BlD90ovBWMeUjikQLaPeD%2BGEHCEmM7mY439FKtjZ%2Bd0aW%2BE5WrQL9XtdPetWUZ%2FfLaycfzHsTMmNXFkeGenLinsIhHkmmF5LYIqA6I7Y%2FjAJcykgsup2cYQZyu8rFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7785f6be2f569143-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF2cAKkhuQ8pELFqGu91OJ0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 410C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0c17a53b-481a-4014-9966-eb158a836c69&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=&gdpr_consent=
43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feOVuxbBqHe71oZkFNhrNSNB4J6ICm3EQeu%2BuJdsQBcY0K1XXtMqVwhKoCL1dDP66s9XXJ4g8sbQU7wEnapv%2BV4rm04qUO2jyX%2BNh63FqzvyWAcPMLI0UqoFOMR%2FPpOF%2FfRqhBY5"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7785f6bff8539c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=80f72ff1-e5f2-4b43-a3e3-22415b24558e&gdpr=&gdpr_consent=
date
Mon, 12 Dec 2022 11:01:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 410C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Mon, 12 Dec 2022 11:01:45 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 410C 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
44967
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7785f6be09499122-FRA
content-length
43
expires
Tue, 13 Dec 2022 11:01:45 GMT
dcm
s.amazon-adsystem.com/ Frame DF79 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
96X4YBBKG0FQDERM4V8Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame DF79
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5cKFjx6FoJlUD_FCRKzuwAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF2cAKkhuQ8pELFqGu91OJ0&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF2cAKkhuQ8pELFqGu91OJ0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80CvZh4Tj%2B1i64pH%2B4qTVD7LvmbLnhVP11rQA5rWOv%2BJ4ZlIw3k8JTEckgeZbvv%2Bb7BRcGHju1Jdwst4b7CbiEaDa%2BQfFM36sslChzRlL7gX6lJUj6Rch%2FqLr3d3%2FFTsNi2fJwQrABRL%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7785f6be2f599143-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF2cAKkhuQ8pELFqGu91OJ0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DF79
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5cKFjx6FoJlUD-FCRKzuwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENWsxrPuRm1Fr-P3YfU1paM&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENWsxrPuRm1Fr-P3YfU1paM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENWsxrPuRm1Fr-P3YfU1paM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame DF79 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame DF79
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y5cKFjx6FoJlUD-FCRKzuwAA%261199
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=57c24e7a-9e87-4347-8361-b4f81aa4d7b1-tucta908f99
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=57c24e7a-9e87-4347-8361-b4f81aa4d7b1-tucta908f99
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=57c24e7a-9e87-4347-8361-b4f81aa4d7b1-tucta908f99
date
Mon, 12 Dec 2022 11:01:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13889
rum
dsum-sec.casalemedia.com/ Frame DF79
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=eafefe5b-d6c3-d2e3-f9949c57
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=eafefe5b-d6c3-d2e3-f9949c57
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 12 Dec 2022 11:01:45 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=eafefe5b-d6c3-d2e3-f9949c57
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame DF79
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8565284698728386972
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8565284698728386972
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
AN-X-Request-Uuid
cb24ebd2-5f5b-4f43-9e4c-4e7710cb96ef
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8565284698728386972
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DF79
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822730010533
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822730010533
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822730010533
Date
Mon, 12 Dec 2022 11:01:45 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame DF79 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsports.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
44967
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7785f6be094d9122-FRA
content-length
43
expires
Tue, 13 Dec 2022 11:01:45 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame CB8F 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6bdfa31922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 3731 		0
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6bdfa32922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding
v1
match.sharethrough.com/universal/ Frame 5DF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.254.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-254-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
v1
match.sharethrough.com/universal/ Frame 466D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.254.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-254-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
tap.php
pixel.rubiconproject.com/ Frame 43EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEETJ7Zqa86InBGBgsjtqqNw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEETJ7Zqa86InBGBgsjtqqNw&google_cver=1
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEETJ7Zqa86InBGBgsjtqqNw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 43EF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RGDUk8oaQEyslWFRYmWmUg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RGDUk8oaQEyslWFRYmWmUg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RGDUk8oaQEyslWFRYmWmUg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WDFR24TWSWZ9RCSR18FA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RGDUk8oaQEyslWFRYmWmUg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 43EF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 43EF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3CG35pkmT76McOplJxHapg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3CG35pkmT76McOplJxHapg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3CG35pkmT76McOplJxHapg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DD8S0GEBCK1CQC5461K4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3CG35pkmT76McOplJxHapg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 43EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6_BLkfHCJuS_7gXt_2YwuA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EqOP3iBE2oJXZVK1MLKIxW3ePJNCcpJeNhCkOw--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EqOP3iBE2oJXZVK1MLKIxW3ePJNCcpJeNhCkOw--~A
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 12 Dec 2022 11:01:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EqOP3iBE2oJXZVK1MLKIxW3ePJNCcpJeNhCkOw--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 43EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGMzZjk3ODMzZjM1NWFhMDU0YTQ3YzE1NDViNDA5MmRhYTkxMTA2NA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGMzZjk3ODMzZjM1NWFhMDU0YTQ3YzE1NDViNDA5MmRhYTkxMTA2NA
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGMzZjk3ODMzZjM1NWFhMDU0YTQ3YzE1NDViNDA5MmRhYTkxMTA2NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 43EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBKOQ20G-A-B42H
0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBKOQ20G-A-B42H
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9BAC9AB530E84C1CB24726F3921A4167 Ref B: FRAEDGE1910 Ref C: 2022-12-12T11:01:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvn23akv9ycqwFMkmlrQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBKOQ20G-A-B42H
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 43EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLT1EyMEctQS1CNDJI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLT1EyMEctQS1CNDJI
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLT1EyMEctQS1CNDJI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
4MHUIg6TAPpipoiynd6X
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame C0EF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
0
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6be6ae8922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 12 Dec 2022 11:01:45 GMT Mon, 12 Dec 2022 11:01:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
pragma
no-cache
4MHUIg6TAPpipoiynd6X
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 585B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6be6aed922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 12 Dec 2022 11:01:45 GMT Mon, 12 Dec 2022 11:01:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/4MHUIg6TAPpipoiynd6X?pi=smilewanted
pragma
no-cache
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1662969054.681191"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7090
expires
Wed, 11 Jan 2023 11:01:45 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=1490626862ca3ae72ab2d88ba4f529dc_1769_1670842905270&tm=5265&eT=0&widgetWidth=635&widgetHeight=39&widgetX=650&widgetY=6171&wRV=2000982&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=145&oo=true&lo=2152&odbreq=7373&odbres=7517&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:45 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
3b1fc3639479c02947aaa4d0fe3db781
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/2000982/module/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000982/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
711124c06e5b21a20caf2f7e5da4af5395c9e1d94bcb5fbc6e1c984d73585b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:45 GMT
content-encoding
gzip
last-modified
Sun, 11 Dec 2022 14:57:35 GMT
server
AkamaiNetStorage
etag
"d66bccd6a9e00ada06c3e39119be4ea2:1670772400.045578"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13374
expires
Mon, 19 Dec 2022 11:01:45 GMT
get
odb.outbrain.com/utils/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=13&rand=18339&key=NANOWDGT01&widgetJSId=SF_2&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=315&py=3333&vpd=2133&pubInState=1&cw=300&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
186c62c07bb0043c071c499ced3c9d1722356eaac56084bec58022a1154ffeab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842905.345298,VS0,VE112
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21948-LGA, cache-fra-eddf8230043-FRA
x-traceid
7d9e93b33d908fb95f7ae227beaff15a
accept-ranges
bytes
content-length
3715
expires
Thu, 01 Jan 1970 00:00:00 GMT
get
mv.outbrain.com/Multivac/api/ 		95 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fsports.walla.co.il%2F&settings=true&recs=true&widgetJSId=SF_1&key=NANOWDGT01&version=2000982&apv=true&sig=BAGVGfsu&format=html&rand=59210&pubInState=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=12&lastIdx=13&lastCardIdx=0&fAB=12377-81727&layeredTestInfo=12377-81727-&dpr=1&cw=635&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000982/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b11179f65197a49f7424d299afdfb3668002a3dc767576cb8ac0f6111822a0c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842905.367544,VS0,VE1039
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21972-LGA, cache-fra-eddf8230043-FRA
x-traceid
450938b81060525f2f8830809d2d945d
accept-ranges
bytes
content-length
17995
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 4500
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
84bb298d-0adf-4667-b638-c5fa896cb375
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Dec 2022 11:01:45 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6be9b2b922c-FRA
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame E1E8
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
c751cba1-37cc-46fc-986d-afac1cf825e5
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Dec 2022 11:01:45 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6be9b30922c-FRA
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=687069643b8d694f60852402dadbebb9
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame C28C 		1 KB
834 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7785f6bf09ab9265-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame ED5C 		1 KB
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7785f6bf09af9265-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=527bd26c61f789e69ac1d98a0133f100_1769_1670842905401&tm=5394&eT=0&widgetWidth=300&widgetHeight=36&widgetX=315&widgetY=3338&wRV=2000982&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=101&oo=true&lo=2152&odbreq=7523&odbres=7645&cet=4g&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:45 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
20741dc03fb87d5f1265807de9ad20c0
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
getuid
sync.smartadserver.com/ Frame 9CC1
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 12 Dec 2022 11:01:45 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 12 Dec 2022 11:01:44 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
getuid
sync.smartadserver.com/ Frame 519B
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 12 Dec 2022 11:01:44 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 12 Dec 2022 11:01:44 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
1
sync-eu.connectad.io/syncer/ Frame 6B08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7785f6bf6a909265-FRA
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
sync.php
pixel.rubiconproject.com/exchange/ Frame 9917 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
704c1e4d3fcc922a3031d436b584678b
sync.php
pixel.rubiconproject.com/exchange/ Frame 5F23 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
611afce88997db6fdd35eb213e662871
Y5cKFjx6FoJlUD-FCRKzuwAA%261199
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame F926
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
0
135 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6c03d84922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7785f6bfdb2a9143-FRA
content-length
0
date
Mon, 12 Dec 2022 11:01:45 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNGB2fPg8WJmzC8VuaXxFIa9n1XBIrq%2FzJYPR6ruQ2LywLOJsRqh8oFE3l3eOwq1EIule9fh4iVmDIyLnkNeKjFmrENKF3QNpAGwMLEObJTDpUZKZwGjLyH1G9horLXY7yOoDAY23CM8zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Y5cKFjx6FoJlUD-FCRKzuwAA%261199
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame F103
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6c01d5b922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7785f6bfdb329143-FRA
content-length
0
date
Mon, 12 Dec 2022 11:01:45 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y5cKFjx6FoJlUD-FCRKzuwAA%261199
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcIA3ysD9scmq5aE5bOMe%2Fl5K5egZggxwBdI8uD8WDLUBkMx%2FdgcFM8wX70ZkI2YB3y0oiAPnLsjRQB81%2BR%2Bni0%2FbMtde8lh2Yaregt2kPrdOelN%2FEHnwbi8UGlHIbFcX3XryFaI7Aixwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
5e30d8be-7a0c-11ed-b590-1342c0320306
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame B930
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=5e30d2b2-7a0c-11ed-bb0d-1ef5e1e50106
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
0
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6c0be3f922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 12 Dec 2022 11:01:45 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
Server
nginx
X-fe
12
5e30d8be-7a0c-11ed-b590-1342c0320306
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 68D4
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=5e30d8f7-7a0c-11ed-b590-1342c0320306
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6c0be3d922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 12 Dec 2022 11:01:45 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/5e30d8be-7a0c-11ed-b590-1342c0320306
Server
nginx
X-fe
21
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame D603
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6c2b941922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:46 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Dec 2022 11:01:45 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame EED0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6c2e97a922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:46 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Dec 2022 11:01:46 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
30b1312e-0efd-40d6-b01f-c8fd19672a6e
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame C204
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/30b1312e-0efd-40d6-b01f-c8fd19672a6e?gdpr_consent=null&gdpr=0
0
921 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/30b1312e-0efd-40d6-b01f-c8fd19672a6e?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6c15f1d922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 12 Dec 2022 11:01:45 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/30b1312e-0efd-40d6-b01f-c8fd19672a6e?gdpr_consent=null&gdpr=0
server
_
a31e22f6-2ef0-4b97-a8d8-038e9bbd604a
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame B40B
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/a31e22f6-2ef0-4b97-a8d8-038e9bbd604a?gdpr_consent=null&gdpr=0
0
700 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/a31e22f6-2ef0-4b97-a8d8-038e9bbd604a?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7785f6c15f21922c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:45 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 12 Dec 2022 11:01:45 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/a31e22f6-2ef0-4b97-a8d8-038e9bbd604a?gdpr_consent=null&gdpr=0
server
_
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L30GH6X3WK&gtm=2oebu0&_p=319267692&cid=361128423.1670842900&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&sid=1670842899&sct=1&seg=0&dl=https%3A%2F%2Fsports.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oebu0&_p=319267692&cid=361128423.1670842900&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&sid=1670842899&sct=1&seg=0&dl=https%3A%2F%2Fsports.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%95%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%92%D7%9C%20%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20%D7%95%D7%A2%D7%95%D7%9C%D7%9E%D7%99%2C%20%D7%9B%D7%93%D7%95%D7%A8%D7%A1%D7%9C%2C%20NBA%2C%20%D7%AA%D7%A7%D7%A6%D7%99%D7%A8%D7%99%D7%9D%20%D7%95%D7%AA%D7%95%D7%A6%D7%90%D7%95%D7%AA%20-%20%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
120.png
admin.teleline.co.il/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/120.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
41acdc117740f4f45f187629fd7f5b7954423098cb03404ece0861704f5980b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Last-Modified
Tue, 04 Aug 2020 01:26:25 GMT
Server
Microsoft-IIS/8.5
ETag
"f5b3745fe69d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6886
104.png
admin.teleline.co.il/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/104.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f5c45a56f88534dd3ff3733db465ec552722005b76e1c26f75ba67fe745e0adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Last-Modified
Thu, 20 Aug 2020 11:01:53 GMT
Server
Microsoft-IIS/8.5
ETag
"d82a3850e176d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
4582
3996.png
admin.teleline.co.il/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/3996.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
59901260773093d0a27b6a835bceaf74dd63418fa8f7941dfe601be05026dde7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Last-Modified
Sat, 05 Mar 2022 00:09:51 GMT
Server
Microsoft-IIS/8.5
ETag
"2ab34b552530d81:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
12106
100.png
admin.teleline.co.il/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/100.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
952f653d9adefde937fbd2d0c4751fad141de4f5150e9edb2302e51add28a9c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Last-Modified
Tue, 04 Aug 2020 01:22:22 GMT
Server
Microsoft-IIS/8.5
ETag
"142725b4fd69d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
4990
113.png
admin.teleline.co.il/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/113.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
325e8f8ddaee9623de560e464d2a8b60b54adbd1d203d65c9029412884212538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Last-Modified
Wed, 02 May 2018 23:30:06 GMT
Server
Microsoft-IIS/8.5
ETag
"cd741a816de2d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
11151
128.png
admin.teleline.co.il/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/128.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
dc3e4ff4f5fbe298e959301c4a693fff9084e21cb9ba55b08300e20a8b6d2a1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Last-Modified
Fri, 10 Aug 2018 21:18:37 GMT
Server
Microsoft-IIS/8.5
ETag
"1e961cb4ef30d41:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
7969
119.png
admin.teleline.co.il/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/119.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4b1db760fc3f78050bf33a922ad0f262ac3536c6ea81e18f0b498c77346d6c79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Last-Modified
Thu, 18 Jan 2018 00:23:00 GMT
Server
Microsoft-IIS/8.5
ETag
"08a87ff28fd31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
12818
10392.png
admin.teleline.co.il/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/10392.png
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
60d7cbb0c0f543dba387893ad793ff51d90b8f0ecbce849985871ff68bbcd06d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:45 GMT
Last-Modified
Sat, 05 Mar 2022 00:12:43 GMT
Server
Microsoft-IIS/8.5
ETag
"107317bc2530d81:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6731
async_usersync
ib.adnxs.com/ Frame 8103 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:46 GMT
AN-X-Request-Uuid
2224ced1-766b-4e0d-a686-0195810b235a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AD63 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:46 GMT
AN-X-Request-Uuid
aac741f0-a3f4-47ce-9b24-bc35f41e39c0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6A04 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:46 GMT
AN-X-Request-Uuid
c560b084-0a1e-4549-b913-1ce7c2fe5050
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A6B4 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:46 GMT
AN-X-Request-Uuid
5d33ad83-690b-447e-8831-48e88085e295
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000982/module/ 		503 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000982/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
32ef3018f43a15bdf537cec97b0f0efc1a68e4d8ea2f901ae5f81235804c4709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:46 GMT
last-modified
Sun, 11 Dec 2022 14:57:35 GMT
server
AkamaiNetStorage
etag
"60594b438560ac5cc10ef064ecb6fc30:1670772394.558736"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Mon, 19 Dec 2022 11:01:46 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=ad7140257e46708ef3e643ffc4878b27_1769_1670842905536&tm=6350&eT=0&widgetWidth=629&widgetHeight=476&widgetX=653&widgetY=6222&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1054&oo=true&lo=2152&odbreq=7373&odbres=7517&mvreq=7543&mvres=8599&re=8601&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:46 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
e0189c5c8d7be57296ee705d48a42b21
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=fab4fda4da037ac95ce340ea806a0699_1769_1670842905785&tm=6365&eT=0&widgetWidth=629&widgetHeight=476&widgetX=653&widgetY=6722&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1054&oo=true&lo=2152&odbreq=7373&odbres=7517&mvreq=7543&mvres=8599&re=8617&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:46 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
299c88d0760237397a8ac9732df3b4fb
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=668bf214f050b10ed881a26734101e01_1769_1670842905838&tm=6366&eT=0&widgetWidth=629&widgetHeight=281&widgetX=653&widgetY=7222&wRV=2000982&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1054&oo=true&lo=2152&odbreq=7373&odbres=7517&mvreq=7543&mvres=8599&re=8618&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:46 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
5629b97cf374020c1d5366eb7dc6be98
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=412b520e8541dac32331222c38fec8e4_1769_1670842906094&tm=6366&eT=0&widgetWidth=629&widgetHeight=476&widgetX=653&widgetY=7527&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1054&oo=true&lo=2152&odbreq=7373&odbres=7517&mvreq=7543&mvres=8599&re=8618&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:46 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
a4d5b042a54b3444ddf94834ef72a72a
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=7c17aa886ef05f96e820654bc89bd0c5_1769_1670842906346&tm=6367&eT=0&widgetWidth=629&widgetHeight=501&widgetX=653&widgetY=8027&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1054&oo=true&lo=2152&odbreq=7373&odbres=7517&mvreq=7543&mvres=8599&re=8619&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:46 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
3440c711ed023721bb4aff2758ee168f
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
mv.outbrain.com/Multivac/api/ 		89 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fsports.walla.co.il%2F&settings=true&recs=true&widgetJSId=SF_2&key=NANOWDGT01&version=2000982&apv=true&sig=BAGVGfsu&format=html&rand=58238&pubInState=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=13&lastIdx=18&lastCardIdx=0&fAB=9820-42692&layeredTestInfo=9820-42692-&dpr=1&cw=300&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000982/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
821969fb9543f3ca3d249bd7195cf09d8e66644d065595edf873c47a18ed6c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:47 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842906.442121,VS0,VE1237
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13620-LGA, cache-fra-eddf8230043-FRA
x-traceid
3bb28965f83f618294d905391e91f8f6
accept-ranges
bytes
content-length
15012
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7EF3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=3a41106bccde38537d9bef9d0c1655c3_1769_1670842906727&tm=7662&eT=0&widgetWidth=294&widgetHeight=272&widgetX=318&widgetY=3379&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1249&oo=true&lo=2152&odbreq=7523&odbres=7645&mvreq=8621&mvres=9871&re=9914&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:47 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
893077b0e73ac4ba401b2f79f99bfc19
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=c38f0a9d70eb8b7ac9bef039c7ab615a_1769_1670842906913&tm=7670&eT=0&widgetWidth=294&widgetHeight=272&widgetX=318&widgetY=3675&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1249&oo=true&lo=2152&odbreq=7523&odbres=7645&mvreq=8621&mvres=9871&re=9922&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:47 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
fa9a4db40864d300a006e9fe23f1a29f
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=c0fab38a386ba150948d4fb53ec64366_1769_1670842907175&tm=7671&eT=0&widgetWidth=294&widgetHeight=272&widgetX=318&widgetY=3971&wRV=2000982&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1249&oo=true&lo=2152&odbreq=7523&odbres=7645&mvreq=8621&mvres=9871&re=9923&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:47 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
cc4b5302245e3e08d6ca3aa3705ebaba
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=de96e7d5dc1bacd86e260c3a1ef9dac0_1769_1670842907404&tm=7672&eT=0&wRV=2000982&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1249&oo=true&lo=2152&odbreq=7523&odbres=7645&mvreq=8621&mvres=9871&re=9924&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:47 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
c6dde822cb16c752d3c6262c55afb6d4
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=2a823bbb6489ea554cf99773627771a8_1769_1670842907621&tm=7672&eT=0&wRV=2000982&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1249&oo=true&lo=2152&odbreq=7523&odbres=7645&mvreq=8621&mvres=9871&re=9924&cet=4g&cs=5&to=1670842897819&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 11:01:47 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
47199d2c78a08fd3d6bed6d26b4bc373
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
eyJpdSI6IjVhNTIxNTg2MTUwY2U4ODY3MTRmN2Q4NzQyODVkY2RmODUyOWEzZTlhYjVmMjA3OGU5ZDBiMTk2OTE5ZjhhZTEiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVhNTIxNTg2MTUwY2U4ODY3MTRmN2Q4NzQyODVkY2RmODUyOWEzZTlhYjVmMjA3OGU5ZDBiMTk2OTE5ZjhhZTEiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.193.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-193-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bfc906a8584d259a7b8d6556b8b58183ca0ed0ed4a5289a31aa1bac21782e25e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:47 GMT
last-modified
Tue, 22 Nov 2022 14:43:51 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=818943
access-control-allow-credentials
false
x-traceid
a3d7ca7cd1305e1dc047d357a1b6e5c0
timing-allow-origin
*, *
content-length
45376
eyJpdSI6IjBiOTMyOWQ0MGQ5MzFiNGQ5ZDVlNjUxN2NkYmE4MDE2MmI4YjU2YjZjNWU0YzBlODFlMjE2MzQ2ODY3YzIwNWUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBiOTMyOWQ0MGQ5MzFiNGQ5ZDVlNjUxN2NkYmE4MDE2MmI4YjU2YjZjNWU0YzBlODFlMjE2MzQ2ODY3YzIwNWUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.193.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-193-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2590c9c9f124d2472e5b3207bd0969153155e3411de0cc0265825c569a9ccfba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:47 GMT
last-modified
Fri, 04 Nov 2022 15:01:58 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1414656
access-control-allow-credentials
false
x-traceid
b36be78cca78d8a03188abef2ede7790
timing-allow-origin
*, *
content-length
20250
eyJpdSI6IjEwOTI1M2ZjYTAxNGJmODcxYzgzYzc5YjU4OTRjYjVkMDRlOTRjMWRlYTNkNWQwZmY5MjBiZjBiNzk1NjQ1YTMiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjEwOTI1M2ZjYTAxNGJmODcxYzgzYzc5YjU4OTRjYjVkMDRlOTRjMWRlYTNkNWQwZmY5MjBiZjBiNzk1NjQ1YTMiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: sports.walla.co.il
URL: https://sports.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.193.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-193-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
45cb16c51816c53aa6ea91aab7a7c5638ab3837f680ac556e0455c30622abf91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:47 GMT
last-modified
Tue, 23 Aug 2022 08:21:54 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1726334
access-control-allow-credentials
false
x-traceid
de65decceede774808363644b4157bc8
timing-allow-origin
*, *
content-length
7028
get
odb.outbrain.com/utils/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsports.walla.co.il%2F&idx=24&rand=78722&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&pubInState=1&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0undefined&em=1&settings=true&recs=true&version=2000982&sig=BAGVGfsu&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d0b5924d49aa8c690b3d4d5f1937926b034946288d41b90521f39d71d2c9ea0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842908.770168,VS0,VE285
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21981-LGA, cache-fra-eddf8230043-FRA
x-traceid
1b3595f64580e52f1b38c787a310e263
accept-ranges
bytes
content-length
16040
expires
Thu, 01 Jan 1970 00:00:00 GMT
aacxs.php
c.aaxads.com/ Frame E4F2 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aacxs.php?flg=AAX32BW87&fv=1&fy=37&ke=1&suylg=214%2C3007%2C292%2C3014%2C265%2C203%2C356%2C97%2C3012%2C282%2C141%2C225%2C271%2C291%2C272%2C178%2C108%2C82%2C295%2C159%2C222%2C109%2C175%2C274%2C38%2C3010%2C209&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX32BW87&hst=sports.walla.co.il&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
683c9e225a2f34886eb8df0a1f927229eb77ca883ad878778ec63edcfd5b9234
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=133624
content-encoding
gzip
content-length
8740
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 11:01:48 GMT
expires
Wed, 14 Dec 2022 00:08:52 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ce267f45ab523284459c3f11ded7942b44ee16e3bedd3acba4a967a121f7f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11111
x-xss-protection
0
syncframe
gum.criteo.com/ Frame A9A7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sports.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:48 GMT
server
Kestrel
server-processing-duration-in-ticks
894327
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 534D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74406539&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7641b055f8c9da0145816e452eb0558d63358a77ed28faeaa948652fbd64a931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 12 Dec 2022 11:01:47 GMT
content-length
1807
content-type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 11:01:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2FBE
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Dec 2022 11:01:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 12 Dec 2022 11:01:48 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
_
i.match
s.tribalfusion.com/z/ Frame ACEB
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7785f6d31c30bbf8-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7785f6d1b8eabbf8-FRA
content-type
text/html
date
Mon, 12 Dec 2022 11:01:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
7129
generic
match.adsrvr.org/track/cmf/ Frame 28FD
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670842908447
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8778424044
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8778424044
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 12 Dec 2022 11:01:48 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 12 Dec 2022 11:01:48 GMT
etag
RXb29157a9c3f34435a53b574d7f216a20003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8778424044
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
bridge
cm.adgrx.com/ Frame FCE6 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 12 Dec 2022 11:01:48 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
cookiesync
core.iprom.net/ Frame 74B3 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Dec 2022 11:01:48 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-8e2aa6446b91@version_1.531
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame A91D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 12 Dec 2022 11:01:48 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
gdpr_consent=
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame 8898
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRjWSngSSUQhYVMjU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.181.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Mon, 12 Dec 2022 11:01:48 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.8.179

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRjWSngSSUQhYVMjU
ids
idsync.frontend.weborama.fr/ Frame 534D
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=933753539
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DD93BD3F-D315-4E92-ADC1-8C014848E39B
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DD93BD3F-D315-4E92-ADC1-8C014848E39B
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:48 GMT
via
1.1 google
last-modified
Mon, 12 Dec 2022 11:01:48 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DD93BD3F-D315-4E92-ADC1-8C014848E39B
date
Mon, 12 Dec 2022 11:01:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame 534D 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.181.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:48 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.123
content-length
49
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 534D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8646241924767986126&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8646241924767986126&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 12 Dec 2022 11:01:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8646241924767986126&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 534D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a3d6a9b-67bf-442a-8080-60f7340c5205&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a3d6a9b-67bf-442a-8080-60f7340c5205&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8a3d6a9b-67bf-442a-8080-60f7340c5205&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 12 Dec 2022 11:01:48 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 534D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8565284698728386972
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8565284698728386972
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 11:01:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:48 GMT
AN-X-Request-Uuid
a617a11b-bdbc-4165-9c3c-99ccb4d33bda
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8565284698728386972
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
get
mv.outbrain.com/Multivac/api/ 		86 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fsports.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=2000982&apv=true&sig=BAGVGfsu&format=html&rand=5419&em=1&pubInState=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZmQ4MmJiZWYzYzU1ZDJmODNhN2FlYzFlZWZjOWNiYWQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=24&lastIdx=24&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000982/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b8ffd84cc5cab5ab2d776a4d8bab7e94bd4635224d6dfdc5bca3a42182902587

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 12 Dec 2022 11:01:49 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1670842908.407058,VS0,VE1220
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21958-LGA, cache-fra-eddf8230043-FRA
x-traceid
eb5f82767ad3bf0ec1ba932c93deab86
accept-ranges
bytes
content-length
21283
expires
Thu, 01 Jan 1970 00:00:00 GMT
sid
mug.criteo.com/ Frame A9A7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=sports.walla.co.il&bundle=JqO4gl9oWmpWenhldHpQMGRqd2w4ckVZNnlpbXVCclZjTjZRbEUzY29TcSUyQmVaMyUyQ...
  • https://mug.criteo.com/sid?cpp=9aPSuXxUSDZRR1Z3RFZQYkg5ZUd4LzRHWTVsQkpsQlVPa0EydUJRR0F5UExTcENITVV0NEVuZFVBeVhJTFdWdFkybDBuTHpTUEhneFNvU1pMS1AveU5pQUEwQ2d1WXJvd3MrWkptOURUU3oxRWRCdE1kUlNURUxKTXdpdV...
417 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9aPSuXxUSDZRR1Z3RFZQYkg5ZUd4LzRHWTVsQkpsQlVPa0EydUJRR0F5UExTcENITVV0NEVuZFVBeVhJTFdWdFkybDBuTHpTUEhneFNvU1pMS1AveU5pQUEwQ2d1WXJvd3MrWkptOURUU3oxRWRCdE1kUlNURUxKTXdpdVZ2U3YrdXNUaENvWjlHcjlMV0RpaGZDemMwVGpKT2dpTGJhaW1hVFgyY2lmSVcyNjhsbnVCUDBnMVZGWmczalBzUmdYQWdYVlZ5MkkwT2NsZTZJU0NVeGR3d2Ira1pSR3VoMHp4Z0xLUW9WR09XbWVBL0VqRlBiMjN5dFNmTStmcWtHTjF3ZEhHN1dIK2FJQjZWVExuSlBtZmt1bkQ2Zz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f426f240aa86bdac92c297b110c8da582616d25be9940ff0623cea67340797e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2563281
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 11:01:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=9aPSuXxUSDZRR1Z3RFZQYkg5ZUd4LzRHWTVsQkpsQlVPa0EydUJRR0F5UExTcENITVV0NEVuZFVBeVhJTFdWdFkybDBuTHpTUEhneFNvU1pMS1AveU5pQUEwQ2d1WXJvd3MrWkptOURUU3oxRWRCdE1kUlNURUxKTXdpdVZ2U3YrdXNUaENvWjlHcjlMV0RpaGZDemMwVGpKT2dpTGJhaW1hVFgyY2lmSVcyNjhsbnVCUDBnMVZGWmczalBzUmdYQWdYVlZ5MkkwT2NsZTZJU0NVeGR3d2Ira1pSR3VoMHp4Z0xLUW9WR09XbWVBL0VqRlBiMjN5dFNmTStmcWtHTjF3ZEhHN1dIK2FJQjZWVExuSlBtZmt1bkQ2Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
617614
content-length
0
expires
0
log
c21lg-d.media.net/ Frame E4F2 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3138445088397626000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=345AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAX32BW87&fv=1&fy=37&ke=1&suylg=214%2C3007%2C292%2C3014%2C265%2C203%2C356%2C97%2C3012%2C282%2C141%2C225%2C271%2C291%2C272%2C178%2C108%2C82%2C295%2C159%2C222%2C109%2C175%2C274%2C38%2C3010%2C209&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.aaxads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 11:01:49 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 12 Dec 2022 11:01:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C136 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 10:18:59 GMT
expires
Tue, 12 Dec 2023 10:18:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2CA3 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
84ac5cdcc125cfcba8b5d7a5b2d98f09a20e23255e9c915ec4811997e824153f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DCgChP1IcEw1N5yPUyEaog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-DCgChP1IcEw1N5yPUyEaog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 11:01:49 GMT
expires
Mon, 12 Dec 2022 11:01:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 2CA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1041663728480577&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame C136 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 17:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 17:53:54 GMT
generate_204
tpc.googlesyndication.com/ Frame C136 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?POQ92Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 534D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 11:01:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
3997.png
admin.teleline.co.il/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/3997.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7b3945c70039671e802de2b0442741419130107d8a9fdc4f7dab34f5615e1a57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:50 GMT
Last-Modified
Wed, 22 Sep 2021 11:47:42 GMT
Server
Microsoft-IIS/8.5
ETag
"1c3a99a6a7afd71:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
5930
105.png
admin.teleline.co.il/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/105.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f044109c6ac8a29a9c7f2a177016a8880da430ae79fe6bbd08570acc15b05d19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:50 GMT
Last-Modified
Wed, 02 May 2018 23:27:51 GMT
Server
Microsoft-IIS/8.5
ETag
"20e6a5306de2d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
13550
107.png
admin.teleline.co.il/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/107.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f2b4014195b9bc3f9418dd81d06fe9ae66ef73df1b4649408af24433bd15da67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:50 GMT
Last-Modified
Tue, 04 Aug 2020 01:22:36 GMT
Server
Microsoft-IIS/8.5
ETag
"f8705fbcfd69d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
7200
101.png
admin.teleline.co.il/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/101.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
dd19c7fb2a00781feeae945fde5920ff32fd4e06c590c610bbd28c35d4ced09a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:50 GMT
Last-Modified
Wed, 02 May 2018 23:20:41 GMT
Server
Microsoft-IIS/8.5
ETag
"c49e4306ce2d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
5598
7759.png
admin.teleline.co.il/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/7759.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
99eb7146e70642bacc1bb469bd658dca59f7ecbaecba37516c886d26eaf7128c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:50 GMT
Last-Modified
Sat, 29 Sep 2018 22:11:36 GMT
Server
Microsoft-IIS/8.5
ETag
"eb6840634158d41:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
12318
7758.png
admin.teleline.co.il/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.teleline.co.il/images/7758.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.237.97.111 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
45e846edc6b694a567c0c139bde7aba83f0b2a71d16c311312783eda90b90418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 11:01:50 GMT
Last-Modified
Sat, 29 Sep 2018 22:12:33 GMT
Server
Microsoft-IIS/8.5
ETag
"32786c854158d41:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
6104
unip
trc-events.taboola.com/1245572/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=10719&scd=21&ssd=1&est=1670842899784&ver=35&isls=true&src=i&invt=6000&rv=1&tim=1670842910504&vi=1670842899781&ri=15499e273d289dc852b1f0af102ee293&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fsports.walla.co.il%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
https://sports.walla.co.il
pragma
no-cache
date
Mon, 12 Dec 2022 11:01:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1041663728480577&bg=!VValVhLNAAYgquz3AKo7ACkAdvg8Wlf_bSW5Unn5vTJrHtBdQJ8mOX55EEa6nylhF2_dfHHSty9tMwIAAACBUgAAAANoAQeZArB3BGBhp8IKCf5e-e20adTw35MeIvcghTsFvK0mQkUNasLchYveb4BS3M3SXLy-3xAyaiz_cOwV5nZA0OwcqAkfaNdX7nNuOWOyq2p3u52vL20f1o9xA8IigFBPNU1cdCPfcCQJUmNFHjp7wUeZq_w0iIztxxlkor1KaprVa82-Uow4zWuY712k-D-ySP7P8i-aCt0zBQMncIUMsFxQc3gQ0deRWsO7s45US7JNSiLKJ-y_yWWcF-7oaHB1Rg0JlUxlSqJbEPCkINYX15pU3ICHAYoviQrJyMXcb7RxyjKVEvX2fgW94Sz_4BEZadrsnSTxduHePpWP--p0S5EltRC4uV3KIyvdwEkUs-adAq9Y-oGUyTMxrtuOeu_ry3txsUMS2xjKOulJb_mu_zRqd6V1rm2eZrK6UUHjhEHIAv9sqrGAMtece92AT1K2umIQIXqwMLCS13hLiMg3UMHpZsmPvv3DmcIUeCtGXGYg3tJzCat_tzGFQI03rzLasOOT0u4re4OYwc776iTb6A1vv3SE4iA0GlRqpgkmfBzF3DTxVI3H-sWwuLGRKHbdHHthsCErR4wOGShl4FIpRY6lFTPYimNFtY6KQJ_k7a2uW6XvcScaOHvSSfpS9zmE7Uc_yuNJhM9JzHw6rTPUNn9CksDt8uUL-vu9vbZi44vmqnSEuenTcoU6yl804FQ9tZdkIvHBbN1Y4fiNuFeLrTX8mbFiC1NvNs449iPhG0tvHlLdlXj0IHFlKt2KCKqeVtzjgne3R6fBhKyO9S41ZU28EvZeM1jeqLcvcXtIFZA0xlAnQ-Bb6hEAoGSjVS9bStBoUQKl4dgnVrGOJmYG-xOkcIoKL49709m2auUhGscqCZKCtiuMNjgwFwl02uPK_eN0fNPpMo1uTZgTokELXaJoFcyW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sports.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
all
csm.eu.criteo.net/ Frame 9AB5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lJXN77VHwD-DmwKR28V955OYQqRerEYVTUx-2lFpH6YSPgkN9AL_0WCXw19SFzBhpp-zC8D6xOU2KAJ4tHKWCXS_609YksiiktcnSNr9flck02vl4fb4VYVxpXZMgBVjVeW5vBCAgOCTULtbljwOCXsmPihgDITjE4oylvvRg4nXB14dX_BoQ0uNv2eMIcAofc_L0KrX8llJzNoHDNIQAuvY5JTJm5fa6TlibK_2Jk_kc7C7xAiakveJWSubmU4HfepLoQ&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFQAMox4Hg4iaAAoECePP-0Z6BATUGAjRdw&u=%7CyBYitJGNq9nj3UmSGQ%2F%2FDFkSDxjrqeGOOge409s2WJc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_FQe8V3UKgf5orI_LqhC82y5NFdtdqTPHjNKnSrSTTO_HF8RSGc-bJlbS5TYZwLCxWxDRK1VGS24Gd2KvvD0soX1ZLaUV6VYrYTgb0Cp9T5z4RvtHVS3aYvQPuut1A_rCgH6g1QEYIQ9r9gVu4LCKNUidCwBijuWjNt1qYtaVFZLEYRS2zkON8PDUhcTIWmxdVB4L-qttdF9UAdLY1FkoY9bOe_I6m-wHI8_7CBHRbaTymfKuQSiTV-RM-YaYISAlh4Yh7el--cH9HPiJlptYm8Hcr6zu5m0-TdBXccogW4QeFPKeHwrBpkQAfUJiSv09ct0wwh-ZrOo63rmWd8uxhJhGnsa4TJLkHcU2ZhXq-3IbUZiUhV4OSuddgyevFrWmpFjldsyXAg39nI0Hhi3G8VBBV3AkcdG9czKqPHTVnv286GdTNseVE2pH6cxAtUgBpYsHm9_NFUwmERgzuKkfYfhuVi00f58LhOz1uVUANDgeYBEz41A_tm_WX7ZNT-WAuHmMNvxIWZupYtnya8WIjhhWlcIR_rf5JYjTQLIoEagz6H7WIIiPw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOswFQqXY57GMpqRjuwPiYiokALJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAvEZnkmXp7E-4AIAqAMBqgT6AU_Qsf14PwT9Z4v8hgw4pTCqPWGi6MXlsfF-R5oeGHB0xLomfmV4t_HZ_3LAyt1bsMVtm1-fTlmM8N458Fay8muovHjHZ44iv66us6Gf7w5zJPz_6iuiL8hnMRiG6HhmdbCRBYWxEtWkiF20fl9yqs6begsKUbcKk9aaOqcemAoqHoT9HfvRNsX2b0WpSoWdzfkrzfpHcOk9oysM6wQ8O7UwDyIz6fn5K-9WDIFZ5o4bex-CkL5iaVrE5bidITkTbf0fzbyrdLNflEF6x2WLsrp036sDS_AANDFS78Ilb7KllQt5cUgenazPDnRISUwXMI-kAr5_8fVCqkHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wnpcZY5_Ke-uDZWRzy5IFkqlVBQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 11:01:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame E57D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JAW2PrVHwD-DmwKRfH_SuCFaR8MpKQd5A_7sOcTgo1fg5anHlnsrpAEaJD3aS3B451Hbgq-l_yF6xBFpEmkrhUELM83Eds_HR3jULrs_ta2eF0XOYTh7Asr5MKx1TtlzdMC8kJ1ZsttTNx_hiTMr6DrEEIS9vVeO35tNxkDrZmx2ows6Adwi04JoEk4u6QhhdebMJ2H25_NdlWEOqdW9syi3h5SZw3H0X1IEwlGl9DrsSJWrXfVa1PH3vtaN9jlunTqESQ&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5cKFgACkIcHg4qCAAilS18s6U5JsO37A7Ft9w&u=%7C5JrOWzTLKc%2Fob9hEiaFjWvUuT6njdsP7pEefdThO%2Foc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2znDxRLGQ8Dnv0q1BS75A7MAEDGjhRte1hC9hCxPB_tBymrRBkGhSkNA_xLO_g2bdgjqktYBNx0J1wf-rIywqpS86QNI7z5ecrEyts7mV196jTcgnKAOc3Jp0dlPVcLi6D79Dz0poKdg9QVJ2ykzR9O-yCu8z1sv2N-_yua74nW7ptYT0-27RzoahC9D5MgkKrFFEAVJSwmg1FKjOCN5JG25c1lC3O0qO0JdWObOTpXow0kl4j_2662losz-Dk1Gs47KmL_OtK863xwQs962GxilJIlfddqyi8Ow-n38-uM9ewKot6HRpCKptOyEXEjzwCA6ZN0fwctpIFe0hPu7zEGlVE7dzdWuHxF_-tkDhjYo0zgMoheBUWlrW62lYPmiPhJL8MqY61g3v-K32eYU16QcqPR7QRdI637no8iL3UpqciB5bfbZvho2el5o9XgKrRCnYAuDdCQrnFr-AR6a7u0iTHOsV_fbau4E5__x1qbE9K6NZp6xLfRf_xBCfA9bH5O-KpIVy1tqtK7MT78Rmcmvl5mAEGbrixMEfpQ5gqpEOL-z4w_0X65s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUSjNFgqXY4ehCoKVjuwPy8qigAHJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQLxGZ5Jl6exPuACAKgDAaoEhwJP0LoyilHjAB6zZTGnIpeuNp-X4soqMtKPtMzh0uophOXOWTHULxusOSNwiQKcw6tnFDQoK2LsgQhDXTj9axB82mgLbHIMRVBMBD8slwpWhp_oL_m3AIuaBZFDZkaA0064Z69dNA9WzSuPA5LTQxJaVC_oaVMizLqGkJfERniPJbHHInzFQfKVIhevnFQcMPDrl0L5OzqGAmZ5te4PT3_SjR3PpRS0KwXXMSC6-nouItPpZEpTJ3OVFAhA9dPf0y0hJwYWrF6pvqCDIN3jPwShp2WkZGCgPsBGRYqVx8uYSJuBg6HG82AV47AnidWASJxwo8vMc50IDLLj65I7QA0_daHDQsL7VuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xpUQRq44GPO_kRfX-lHb4IoCGxQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 11:01:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
syndication.twitter.com
URL
https://syndication.twitter.com/srv/timeline-list/screen-name/WallaSport/slug/list2?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19zaG93X2J1c2luZXNzX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=he&maxHeight=416px&origin=https%3A%2F%2Fsports.walla.co.il%2F&sessionId=ca91a92f43fe1c801f633d23017233bc4a80bfe1&showHeader=true&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| oncontentvisibilityautostatechange function| addScriptPromise object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| twttr function| admiral string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist object| WallaTargeting object| _sf_async_config object| _cb_shared object| _cbm object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| desc function| category function| author function| tags function| age function| gender object| ptag object| f object| ktag string| path object| z object| permutive object| __twttrll object| __twttr object| _0x39d7 function| _0x2e93 object| _vadHb object| vadprebid object| vadprebidChunk object| ADAGIO function| 4dm1r11545242527 object| aax object| google_tag_manager string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external function| fbq function| _fbq string| _zaVerSnippet object| _zaq function| __za_api object| _tfa function| onYouTubeIframeAPIReady object| gaGlobal function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError string| _zaVerWidget object| gaplugins object| gaData string| loadDataState object| google_conversion_id object| google_custom_params object| google_remarketing_only object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| apd_options object| __LOADABLE_LOADED_CHUNKS__ undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector boolean| fifabAlready function| fi_fab object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| regeneratorRuntime string| __strip_step__ object| fiUtils object| $backfillRefreshObserver object| $FIslowSelectors object| $InContentAutoSelector object| $websitePrependInContent function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| a object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| sw_consent object| sas object| apntag object| _ADAGIO object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| GoogleGcLKhOms

120 Cookies

Domain/Path Name / Value
.adnxs.com/ Name: uuid2
Value: 8565284698728386972
sports.walla.co.il/ Name: aasd
Value: 1%7C1670842899678
sports.walla.co.il/ Name: __aaxsc
Value: 2
.walla.co.il/ Name: _ga
Value: GA1.3.361128423.1670842900
.walla.co.il/ Name: _gid
Value: GA1.3.1553134785.1670842900
.walla.co.il/ Name: _gat_UA-249518521-1
Value: 1
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _fbp
Value: fb.2.1670842899926.1855343791
.walla.co.il/ Name: _cb
Value: Di22MDCpTlg1CrBYjD
.walla.co.il/ Name: _chartbeat2
Value: .1670842899953.1670842899953.1.vaTFuBseCUUxcSbPD4l7DYChBsoQ.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: vad-loc-code
Value: de
.sports.walla.co.il/ Name: _awl
Value: 4.1670842900.0.5-27dd9b4ad885cbf34e0af48a2faee2c4-6763652d6575726f70652d7765737431-0
.walla.co.il/ Name: _ga_L30GH6X3WK
Value: GS1.1.1670842899.1.0.1670842900.0.0.0
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1670842899.1.0.1670842900.0.0.0
sports.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://sports.walla.co.il
sports.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: LBKOQ20G-A-B42H
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrYPGQjbvDflD5APvdogVCbaTd6KyMQnaub55ZO9yeic2hGjpd7cwCijBuQTo5TOjlaLmE9honB7CsOBoprSO4S0sUClNixstOyqVI1k5poNA==
.creativecdn.com/ Name: u
Value: 4MHUIg6TAPpipoiynd6X
.creativecdn.com/ Name: ts
Value: 1670842901
.ads.stickyadstv.com/ Name: UID
Value: 716c6e65df0474cf191366483e402d
.360yield.com/ Name: tuuid
Value: fc8d9096-0f56-4abb-a2ff-69394e9c0439
.360yield.com/ Name: tuuid_lu
Value: 1670842902
.casalemedia.com/ Name: CMID
Value: Y5cKFjx6FoJlUD-FCRKzuwAA
.casalemedia.com/ Name: CMPS
Value: 1199
.casalemedia.com/ Name: CMPRO
Value: 1199
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DD93BD3F-D315-4E92-ADC1-8C014848E39B
.onaudience.com/ Name: cookie
Value: 9c48ea886db35fc6
.onaudience.com/ Name: done_redirects104
Value: 1
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 61DA5620EAB5439EA8DCC690FDE41E98
.de17a.com/ Name: guid
Value: 1.692755142150893309
.adform.net/ Name: uid
Value: 855927984755454507
.doubleclick.net/ Name: IDE
Value: AHWqTUmUt1pDswc0kOWxtTfH4uJxs8DD5ZofLXMAuJ_shHypvpxKnK4bUzOiKMiYfiY
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8565284698728386972&KRTB&23339-8565284698728386972
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-855927984755454507&KRTB&23263-855927984755454507
.walla.co.il/ Name: __gads
Value: ID=b220f2021d3c59ed:T=1670842902:S=ALNI_MYxRh4xAMxOz7MTTkDJwjNiIw1xkg
.walla.co.il/ Name: __gpi
Value: UID=00000b917a7360c8:T=1670842902:RT=1670842902:S=ALNI_MaKtljF38dtF9_oLc-0xJV4aWR-Jg
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-692755142150893309
.amazon-adsystem.com/ Name: ad-id
Value: A6z2TtgAsUxPhsdkx0NpsiQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22E9AD63D5-97C4-4A5D-A783-E6297A2FD355%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:39ab6397-0a17-4f00-915b-4af970bb99c0&KRTB&16736-uid:39ab6397-0a17-4f00-915b-4af970bb99c0&KRTB&23019-uid:39ab6397-0a17-4f00-915b-4af970bb99c0&KRTB&23208-uid:39ab6397-0a17-4f00-915b-4af970bb99c0
.mathtag.com/ Name: uuid
Value: bc556397-0a17-4000-ae73-4b8d2daa5448
.mathtag.com/ Name: mt_mop
Value: 4:1670842903
.3lift.com/ Name: tluid
Value: 1969819073678407542661
.quantserve.com/ Name: mc
Value: 63970a17-8faf3-e5081-d81d6
.bidswitch.net/ Name: tuuid
Value: 80f72ff1-e5f2-4b43-a3e3-22415b24558e
.bidswitch.net/ Name: c
Value: 1670842903
.bidswitch.net/ Name: tuuid_lu
Value: 1670842903
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5cKFwADbRJdvQAF
.creative-serving.com/ Name: tuuid
Value: 95c45a2a-91c3-4885-917f-64ae31716afb
.creative-serving.com/ Name: c
Value: 1670842903
.creative-serving.com/ Name: tuuid_lu
Value: 1670842903
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EJoBDgHlJ4EO-TA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-K0Ed8C0TFfAwSkKme0EJoihCHPYwFhz2eUT7AFjX&KRTB&19420-K0Ed8C0TFfAwSkKme0EJoihCHPYwFhz2eUT7AFjX&KRTB&22979-K0Ed8C0TFfAwSkKme0EJoihCHPYwFhz2eUT7AFjX&KRTB&23403-K0Ed8C0TFfAwSkKme0EJoihCHPYwFhz2eUT7AFjX
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5cKFwADbRJdvQAF&KRTB&22978-Y5cKFwADbRJdvQAF&KRTB&23194-Y5cKFwADbRJdvQAF&KRTB&23209-Y5cKFwADbRJdvQAF
.adfarm1.adition.com/ Name: UserID1
Value: 7176215633735710867
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_6146d54b-dbd5-427a-856c-b3e2489be4a4
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7176215633735710867&KRTB&23278-7176215633735710867&KRTB&23369-7176215633735710867
.walla.co.il/ Name: cto_bidid
Value: aDpVtV9uTEp4NXJ3dFpKQkVNSSUyRnN6ZmtVR2JaTGptb0o1b200eUR6eGlRSk43S3FMZENqU0RkNmk3aVdjQjklMkJNdG51TnVvWjB6T1hSMzV5RDRvdzAwVE1xT2clM0QlM0Q
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~28sz
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-80f72ff1-e5f2-4b43-a3e3-22415b24558e
.zeotap.com/ Name: zc
Value: 3966db3c-73f6-4a0c-463f-49e60a27722c
.fiftyt.com/ Name: fifid
Value: 3df79ce4-0d58-46d4-5134-e0c59d9d1fbb
.fiftyt.com/ Name: cs
Value: MTY3MDg0MjkwNXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fMz8Lw8N7LBH4QAZ-yl4c6XVkI4QuUFvwcbJg37LzvKf
.yahoo.com/ Name: A3
Value: d=AQABBBkKl2MCELgirT1l3pDuX6cpddazvJwFEgEBAQFbmGOgYwAAAAAA_eMAAA&S=AQAAAlO9xjoht3UCPWTiQCS2VK0
.semasio.net/ Name: SEUNCY
Value: 807D0F8EEEB7F994
.bidr.io/ Name: bito
Value: AACHqU7HLhQAACBR-TR8Fw
.bidr.io/ Name: bitoIsSecure
Value: ok
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjI3NjAwNDA1NhbiM9R18c2KL3MPSClzNSsBAOoYDBolAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjI3NjAwNDA1NhbiM9R18c2KL3MPSClzNSsBAOoYDBolAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZm5gYWJkaWBqbG4GAOx8aEoQAAAA
.turn.com/ Name: uid
Value: 8646241924767986126
.fiftyt.com/ Name: fppm
Value: 20221212110145
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GU#eO%OS!]tc58bhzs#DNB=:lK9B*:3[DOy5h(Z7!3`T!y:wZ.M/HNZG*hQ4NQwDW3S8?RiqqgYMgz^]uQd3nXm/!)xf(?_Liy
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI2ODcwNjk2NDNiOGQ2OTRmNjA4NTI0MDJkYWRiZWJiOSIsImV4cGlyZXMiOiIyMDIzLTAzLTEyVDExOjAxOjQ1WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTEyLTEyVDExOjAxOjQxWiJ9
.brand-display.com/ Name: _knxq_
Value: eafefe5b-d6c3-d2e3-f9949c57.1670842905.0.1670842905.1670842905
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&a6a98f9d-fea1-499a-8071-a46b7a1a60c8"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzA4NDI5MDU7MjswMjHZhk1DJcIlKzcejJ9vcsksgRKvv4nvOKMdY4kkUdhB9g==
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2395:u=1:x=1:i=1670842905:t=1670929305:v=2:sig=AQHE_tCnsw8ZASp13FlozoPsLEyQ_CJW"
.sportradarserving.com/ Name: zuuid
Value: 0c17a53b-481a-4014-9966-eb158a836c69
.sportradarserving.com/ Name: c
Value: 1670842905
.sportradarserving.com/ Name: zuuid_lu
Value: 1670842905
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1670842905
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-38ecbf1e-9ec3-42fc-625b-a337c5845c58.3haRnaqMhjhqYMzeaUgV%2B1rUE0f1LnyaBEl1aBM3qSI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AOOy_Hp7DQvxiW6M3xYRcWLnVm6g.%2BbLVMAL8EqPdA3K7K6Mf1V1oahmb5ur9hv8CknWlUiY
.casalemedia.com/ Name: CMTS
Value: 3166
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-OOy_Hp7DQvxiW6M3xYRcWLnVm6g&KRTB&23334-OOy_Hp7DQvxiW6M3xYRcWLnVm6g&KRTB&23417-OOy_Hp7DQvxiW6M3xYRcWLnVm6g&KRTB&23426-OOy_Hp7DQvxiW6M3xYRcWLnVm6g
.audrte.com/ Name: arcki2
Value: 901DbJuD3ebSZyHeBoQzpMH-g!20220908!1670842905592!ip#185.213.155.168
.audrte.com/ Name: arcki2_pubmatic
Value: DD93BD3F-D315-4E92-ADC1-8C014848E39B!20220908!1670842905595
.spotxchange.com/ Name: audience
Value: 5e30d8be-7a0c-11ed-b590-1342c0320306
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d84d82f3022f2be1
.csync.loopme.me/ Name: viewer_token
Value: a31e22f6-2ef0-4b97-a8d8-038e9bbd604a
.smilewanted.com/ Name: sw_user_params_infos
Value: YzMVZeg0I5Xo7W4d098pCdRTGCdNqktpSu6LbnwcmB03%2BKmELeGwARbhyvHSe3zzIHNRE0%2BgybQGRE1kVmH%2FaAwt0dYYa6UXEj%2Bdn0xqXXn1NNUCb4p2uRlMRYeyJ0uaRwv%2BUBeyrW%2FLuvdB7fskYycGcsV09J0TjEZwvNt9yySjPAYovAFFp%2B%2F%2BAq2PjUp1%2F5w7Vuq3tW1KYgZo1uQ%2Be25Sj99YzePXbHGgB8M7QhpXPV0xj7YHqPz8i1yBUZj9RJGOyqGjJNYf4aCUygn6dyFOCKL2KaF95cAKO%2F2lXLXdUIB4u4ZqkjF01s41rZMlsEhf1Hmc4rDT5b%2B2el1Zv26uIc%2Bz8tPB5vsRxaOdUHD36Am3IVDBvjqBttHETkuQKqB%2FH4k%2FtVIBLJrYljv8TJN2h%2Fe37XgxT8XELvJ9DCITWh2TGC4tFzGc%2F7l2snD2tW39DjeV7tYzq%2B9L%2BKI56f2jTtexpzVP2aOnY0MyG%2FnfgkWBCX7wSfYXok1bUISGN8mLvWGWRUSjAgHocgQ5o9hR5D00QTa9ooOeqpUEVV3DYvCAP4nPB9swi%2BAqOvlQCf8gJRKVLODCbqVxTJPYaA%3D%3D
.smartadserver.com/ Name: pid
Value: 5489620644576826852
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACHqU7HLhQAACBR-TR8Fw
.pubmatic.com/ Name: SPugT
Value: 1670842906
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 160447:4
.pubmatic.com/ Name: DPSync3
Value: 1670889600%3A174%7C1672012800%3A201_226_227_245_197_219_221_235_241
.pubmatic.com/ Name: SyncRTB3
Value: 1671408000%3A15_223_2%7C1672012800%3A7_13_234_88_233_161_220_165_176_166_55_99_243_21_81_204_71_54_8_3_22_56_251_238%7C1672099200%3A35%7C1673395200%3A203%7C1671667200%3A63
.criteo.com/ Name: uid
Value: 501b1d56-d273-49a9-85bf-843884d1d2f6
.adsby.bidtheatre.com/ Name: __kuid
Value: 8a3d6a9b-67bf-442a-8080-60f7340c5205.440056908
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b29157a9-c3f3-4435-a53b-574d7f216a20-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8646241924767986126&KRTB&23150-8646241924767986126
.pubmatic.com/ Name: PugT
Value: 1670842907
.walla.co.il/ Name: cto_bundle
Value: -wZIJ19oWmpWenhldHpQMGRqd2w4ckVZNnlzZGpMa3IzVFdnSFZpSUdraTAzZGJaVHBWTHBlUDBpekxBUEFYSVowdnNnbjRsTlZTODlSRmQlMkZyQ2NWaWxhRVRQMHlObjh4T1hHcjlKeEF1NkFtMjdJNURqcjNRTzBVSks1aEhhOWRUaUtvTVhYSFVLSndhMEZNTk84YU1aclV5USUzRCUzRA
ads.playground.xyz/ Name: connect.sid
Value: s%3Am8OLC_9XQEVp54im4EUZz9PZbnADIbwj.T40CLzgDU308yE4ttKpOtM%2BIdjih9OgYut%2FsTAIR2cw
.onaudience.com/ Name: done_redirects200
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: HBIceBtZJqMc53
.aaxads.com/ Name: aax-vsid
Value: 3138445088397626000V10
.tribalfusion.com/ Name: ANON_ID
Value: aenseFu4YUcmqcn63goUDoGgYZaNge0sSIH4HFJwW2x3VbrTdYvuygxtNArQBHv8dgcJZbF3QB0yRJMMfJeMuZb

14 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-12-12
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9c48ea886db35fc6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENYg1v1ahn8imhaRLeCjXT8&google_cver=1
Message:
Failed to load resource: the server responded with a status of 502 ()
security error URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14674112099215987585/index.html".
security error URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1994317184232231449/index.html".
security error URL: https://85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13427559203645464275/index.html".
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/undefinedz9njpo
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACHqU7HLhQAACBR-TR8Fw&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=DD93BD3F-D315-4E92-ADC1-8C014848E39B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRjWSngSSUQhYVMjU
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

85f34d9850a2d31911c532cfc9e771e3.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
admin.teleline.co.il
ads.creative-serving.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
aud.pubmatic.com
b1h-euc1.zemanta.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.aaxads.com
c1.adform.net
c21lg-d.media.net
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.connectad.io
cdn.firstimpression.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.taboola.com
cdn.valuad.cloud
cf.dxmcdn.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d29k50lkkhkjby.cloudfront.net
d2muzdhs7lpmo0.cloudfront.net
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
expansioneggnog.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
images.wcdn.co.il
js-sec.indexww.com
khn.crowdad.io
l3.aaxads.com
ledger.crowdad.io
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
mv.outbrain.com
mwzeom.zeotap.com
odb.outbrain.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.smilewanted.com
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
sports.walla.co.il
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.doubleclick.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.aaxdetect.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
syndication.twitter.com
103.229.206.241
104.109.78.125
104.18.33.19
104.18.36.94
104.19.150.54
104.22.69.131
104.244.42.8
13.224.194.123
141.226.228.48
141.94.171.212
141.94.171.213
141.94.240.143
142.250.185.194
142.250.185.98
142.250.186.134
146.75.118.132
151.101.1.108
151.101.194.49
151.101.65.44
159.65.194.197
172.64.154.237
178.250.0.157
178.250.2.148
178.250.2.151
18.156.0.31
18.158.120.155
18.185.209.117
18.65.48.97
18.66.122.25
18.66.122.74
18.66.137.146
18.66.30.8
185.183.112.155
185.184.8.90
185.237.97.111
185.255.84.150
185.64.189.110
185.64.189.112
185.64.189.229
185.64.190.78
185.64.190.80
185.80.39.216
185.86.137.132
185.86.138.122
185.89.210.180
185.89.211.116
185.94.180.126
193.0.160.128
195.5.165.20
198.148.27.140
198.47.127.20
2.16.185.101
2.18.234.190
2.18.235.93
2.23.193.156
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
205.185.216.10
209.54.182.161
213.155.156.165
213.19.147.45
213.227.153.223
216.52.2.39
23.32.238.50
2600:1901:0:d733::1
2600:9000:206f:8000:1e:a43d:b640:93a1
2600:9000:206f:ce00:11:da61:a100:93a1
2600:9000:223c:d800:18:1fcd:351:7bc1
2600:9000:223e:5400:4:1c73:c740:93a1
2600:9000:236e:f800:8:48e:53c0:93a1
2602:803:c003:200::21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:36ce
2606:4700:10::ac43:db6
2606:4700:20::681a:9a9
2606:4700::6810:5914
2606:4700::6812:18ad
2606:4700::6812:272
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2004
2a00:1450:4001:806::2006
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::2014
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::1c
2a02:2638::24
2a02:2638::3
2a02:fa8:8806:13::1370
2a02:fa8:8806:16::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
2a04:4e42:400::714
2a05:d018:d29:3605:f9a9:36e4:6c12:d8
3.124.147.209
3.124.154.128
3.224.217.10
3.65.71.95
34.102.253.54
34.111.129.221
34.111.131.239
34.111.151.213
34.241.12.204
34.91.62.186
35.158.254.41
35.172.108.72
35.190.0.66
35.201.96.126
35.214.223.115
35.227.252.103
35.244.159.8
37.157.3.28
5.161.54.172
51.89.9.254
52.19.214.89
52.223.40.198
52.30.188.40
52.49.181.242
52.95.126.160
54.208.68.206
54.220.11.177
54.84.251.28
63.251.232.170
64.202.112.159
69.173.144.138
76.223.111.18
77.243.60.138
85.114.159.93
88.221.168.201
95.100.70.65
98.98.134.243
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1
011c408b7ff25c35efca452bf1637f1c694a6204b7b64cec169449bea7069fe7
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
0323ed70ae5cf95f463819fcd504fadce3f7006545774bd0e3279d4869db9315
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
041e4e82e96fd8f261f616dab5168f90097b9a265a622150c96544d252e32174
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05934d7b0fef3ada823d64f6825db606b9f186585e766053ebb43060cbc0d09c
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
0809dce74d140cdb75918db36517dfca9fee927aa704fd47ee48432aee8986b5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0946ed06195f9cd38ab578e27a2bd12166e5f957670646d3b722693a57f8239a
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
097558aeb196f61e34941cc2e32482d63f1243dc4bd2c9683e341ef17c32441e
0aaf952ded797106ab7debb341207bcb7f19bb00df865033496bc6f63dddf544
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d262927bac5a1f5c60e322246d0dd4c6f7bbcb1235701c5f4917585fd971eb6
0d89b2f0550c1ac921e821fe25897ecb2032251dfb6a39139a6fa8e57a77a640
0dd94ee3e53c0f3a41f4a92c8d3d6a83a83a23a0d2b5b49b90f033b6c137199b
0efeda61220209770aa3a3b7b1f8b1743dc34c4fba91e6f157e2c105c15a85fb
0fc06035f10953cc5868542aa2d860fe71d206600affc2ef956f971095c9ecc7
0fc51bdb2e4a1b48c73604f7da8f2adc80338595211c52bb1fccb82bb978f912
10044a2e303d46b47a2b9a53f787b399c9d112c0bd991d375517d9562d091b09
116b6f141db28cff484f08934a55a22f69abe067dc42f80aeadac811965bb8cc
1305b2f052d8eaa0fa1e83f15dfbe15cb58cdff54c44a3a24daa273e2e523a75
1399b0d28fc31887b246910d39be00f6737a38225f6d2d587d8fd346e5e3a255
1565780c34be43f45db815e18760e94fb83b3825cb98de433dc918474c86bf5c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186c62c07bb0043c071c499ced3c9d1722356eaac56084bec58022a1154ffeab
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19870be49828c1b8ec2210313a64fd51e819df0dca1f8fd9a558dfc004c363a8
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
1a01ca51778260eb823b7905bfcc7cb70b7d5a72cc4302bdf64cce835dd46383
1aae23a1a146a8276a47a9aaa6b54f499f8f433d9acf7ae65920fd168de57e42
1ab50ee880257c71537296b3c205b390186e2ab6ec764b5c35f5955ded1f2dfa
1ce267f45ab523284459c3f11ded7942b44ee16e3bedd3acba4a967a121f7f25
1d08674bea66a3581266ce9ab2b7b598e25945bfb9da5abbe8ff2cbda0cb96cb
1dabb07fff7f4405130d1edde0f56ea353ec4f13cabfe5a9109c913a6a82928c
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
212f327a5d406e5d9a03a04f3e597a2d97144b8d2da0a441c8573c0cccc1c5ce
237f87dcb8804575bf2e87a17ec516e8dc85f351325f8c08ad396fb51c4d2eb2
23b2942809e8843ff9d64ac1daa2073692be9c958ffec80293bebbaa72e00457
245ca59584797c0142e320819fb75cd4b70816e10020dc0a7b6562fc5d4cdc72
2542685bdd4814ff0d7ea2a6b89c3bd56dc88534724d5a47ab45a0f3323b392f
2590c9c9f124d2472e5b3207bd0969153155e3411de0cc0265825c569a9ccfba
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad4d8ae51db4b533f6a4f3cfcc86513b71f4a352f0c538dc648adafc4ba5c59
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d4b858c0e7906266e5342c077cb13a45cc546c1c678da9ca63a13a0940a7a7e
2d8660dfd8a943ae4ff25a2df0d7358f03a0b9026a4738c9326218c060daecf1
2d9e5ddf3350ffa9ce25db3270c54cd041adae212f17de412da84479c904abb6
2de51b64e3d7c45349292fb6a12df0dc685d2def04ba1726050cb7ce8b053e59
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0597e239a23fdde16b541722bba98f8d1e0faafec60349a43eaf2c4b341db4
2ee8ced4aa208edb5900fa92393d38bf5f02086863574f64cce2d0b2eb96b0f7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f
325e8f8ddaee9623de560e464d2a8b60b54adbd1d203d65c9029412884212538
328381785b397ae40b1a126385ebe46b78eec6d1d91d8b99bf43b8a22ba44705
32b96fde9686a7d6d85ee27f0d654d0e572da22e3bf6e1d0c90837d8c4d17790
32ef3018f43a15bdf537cec97b0f0efc1a68e4d8ea2f901ae5f81235804c4709
33013fb4e4a574b1687db9d92abdeed2d256f93219a8111ba95c624a8b8fd969
348026bb302dc71497ff7bc633a1b5850a4518acadde3325830033c3f4aeba24
3511b464f42d851a338d165b12d2e3a1388ce2c399cf1214f946002df9436150
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb80709a33e27046b5c393858970917eaa0563bbcfbb2cbc3a06e428a2b862
37b3bd0e86ee71fb44e3d529973ee91bbbb0514e1bb02aeafb25c3b01959b9f3
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bc650b97a11b723bab20d8919016b2cc00a9eb3b1ba6b057490dbb02c21a918
3c88267943e2de1dc46e991fd72ded98c51516f3666115f72bec30ea783f6228
3c99eaa50383c51f7ebfb8df23a585ce696b836f6ff4bf8983c9004e12bb4a06
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db78c8b09f269ad11ad4f1ee124c77d125a76c660df7156fd50f641322fc3fe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f55c14576b73b1fa761c9722153509875403c18b3a6916045fd146f3e3a6a00
3f806647f88d37d884d78bdfa4bd50754cb4d3dcd8fc52c2a82ffc11e6350cfb
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
41acdc117740f4f45f187629fd7f5b7954423098cb03404ece0861704f5980b5
44cf5a27e08a45e1526ada5fe89c637f8710fe894ec102322dc6ea1496bb8f8a
4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e
453c37f8cd9c438b20aa1e7f731cda4e242cdb4b6895a43aefd96d349f699a11
45cb16c51816c53aa6ea91aab7a7c5638ab3837f680ac556e0455c30622abf91
45e846edc6b694a567c0c139bde7aba83f0b2a71d16c311312783eda90b90418
46044cb363a908423cdb89ce7e605085029e6d1e43342026d8571a919ce8793e
4635e259c09addf6f950ec8a0aa443729e4d3af07bdb9db42ef410c45b6f7373
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cc1c4165b68d2b3b570db5ff8fcf8db771bc50cfa89ffa6eb6cbaaeef456f1
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4b1db760fc3f78050bf33a922ad0f262ac3536c6ea81e18f0b498c77346d6c79
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b69b1a03bda3b27fe03e65eac8426d87d201f99a4c40450cf02e5d595934f5b
4cf7b6880b8ed23941e1195de247f4f3339bd63ed14dbb0802407fb0b9e6a2a7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f538795737b59cf7295fedab2b9b974accf2449dc6b1fb80a92bc3210067a8f
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
511141a74343ff8870a9a44bd68a783626ef2c04d3d1b19e56d807577f128be7
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
5225eda5acceb64c556236782420a1e8b8a834b6b096611d9c94687a70cea6cb
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54e0a01ac7bf3042c83af683bedf1bded3b36a0da479ec3b21f906d1f821b4e3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567e24ce11133b13cb595ee8a50b56a2e9b4807bf707e5ebc21449c841b8e32a
56a55bbe74ec3365a7eccdb7f95f07a1b6f2dbf69726dfdf9e51e1053e2d3e0d
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
58acea94d16decf85fa312279f97cc354467abd9dd89c9d08d59d53d4675e91f
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
59901260773093d0a27b6a835bceaf74dd63418fa8f7941dfe601be05026dde7
5bf6b15485e8d21230ae7b74de727083c1ee57be8a9c77bdf17e617c188f13d2
5c44026d9ccdf5aaa1ab7153bbe052940141b1adf41b4903d0ae5ff330166b37
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60201970de40a5153d5f3666825679dd293fc86a87b127223cb974b283352e04
60d7cbb0c0f543dba387893ad793ff51d90b8f0ecbce849985871ff68bbcd06d
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632f74961d040e5981516eb5099e659d751f5ba359e83d01538116a8478e7fc9
6478f04d4caa774f764d9946212ac1b54edbb4555b02533cef242676f2856b4c
65d9e72ebeecfa8b01ad52b65a45e2353326128b66a5777ebd7d10e789d4318a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
683c9e225a2f34886eb8df0a1f927229eb77ca883ad878778ec63edcfd5b9234
68eaf8ac60d0942a6bcee0b4538d7d50ebe41bd26e332550d05d8b9d37fa16e4
69c6c0f393573c4c70b7340235f0638807deec7ddf293d163fa5907f25ae9af4
6b0779a76bbc4d6d2543290f038abd4ca7d1880636cdac2010a87a6c4c1c734a
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3f7f42c9a3a1d190f959f8de24fe8e5430e6b9344121c568a02a4d07a79115
6c5e01bd7a87b69d72c760edcc4d7a177ef569c48c74d2f335adf502ce2b0909
6ccda4d02b16a44a30bc30f7cacf41703b8a415a4dc1ddc66918641c3a5079ce
6da7d8315fee3652e18b177b54485b45bb90222d001b4c6488fb4e19e498d591
6fb4fb2015c1c18b6a31e89e3057ee75babd27b71692b345e227adef072fe025
70ee608b13a76203a36b50e3ef986c754a4a07657ac381ac6cf56655595a3b01
711124c06e5b21a20caf2f7e5da4af5395c9e1d94bcb5fbc6e1c984d73585b2e
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72beb77d56d1848987505eb6ea65eca1e5b030a670dd32ac2c37747e2eb136a3
737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd
74024ec471def17a6d2835f88223678a094f8c10ccda405a0543445c31945519
747160ad9a1497e19acc5c5e63ea35747daff123caf9a402e7e5211971d04d55
75ccb11e22d3f2e3475ada74631301c9071a94fb903877a28fc46875b9cfd063
7641b055f8c9da0145816e452eb0558d63358a77ed28faeaa948652fbd64a931
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b3945c70039671e802de2b0442741419130107d8a9fdc4f7dab34f5615e1a57
7bcb0d122114c7e64470f4a4bee469cb80936799f479f6991b9c67328223b9c5
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
8099a196b2170630895f07f2cfe3300a710f47f9f15aa5a574e44237cff91619
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
821969fb9543f3ca3d249bd7195cf09d8e66644d065595edf873c47a18ed6c2d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
83efd0b9101c6f59e129f081c28b3c1c50007c2e8c5a3fdeb0a37758655a4827
84ac5cdcc125cfcba8b5d7a5b2d98f09a20e23255e9c915ec4811997e824153f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8542470df04005d0ce153a6498d5f5553fc93e2a2e1aac58566a0c266faa21ba
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8a70c0624c31af273f95eafeb63352241d406c511e8b16237b84a99b603b4707
8ab96f05a359645c1fc3afe581857a36eea7c62f3c8fc039aa7435451a7f744b
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c39d3a763fff789411250d8802b710a3f41424f785bde603839f3d1cd49b6b3
8c3d1ba45d367c1698cf9f110fecaaf98d63d809f893dd6f860ef4b899a7fbaf
8c97652415dbbf34c809964d57a9739a66f9fd7c3511f851c5c8a56c225f8640
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7905fa09077aa06cee7ba762941085d180febf242cc617d28dff8c83ae9091
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f746862b22dfaa4db9e0514bfe936d41c93e1d82a97560976c929a2ba15ad4b
922f8a70ba589f1ff4eb0baf45103b3adc42f05161b45bfab6ab7dce092209fd
923d9714bac8f73854a4247759374bcac72e304b35cefdbba357602ac774af74
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92d40c64adf6eead5c9323786ab19e5e2f761a678032467f146df24646346790
92f0b290d93a3c3fb3532edd969c75a853c5e73a86f63aec47d86af7ee40cceb
9368470c284c8f61e7411a81029d349fd86a5cfd46f381a528b5c7bc37d5274c
94a6bef4b9f53a757b5db63b304dfce94acb5b5b780c0ad6dffb8d62d845c8e4
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9
952f653d9adefde937fbd2d0c4751fad141de4f5150e9edb2302e51add28a9c3
95f1365c5c1b3e393224fa86f7fc8fe76cc76346ed2deca2401e80ce07f45cd5
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99472219ab322442d15d86814bc7549da5d4adfff39bbc9863ec1670cc09acf4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f
99eb7146e70642bacc1bb469bd658dca59f7ecbaecba37516c886d26eaf7128c
99f692cdac39b2c3ca4e1bdd8f1d39ad32344271cd4e177ba789433b39fa1545
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0ff0f3d2464f3bf4e3e6f66f85cedcc5c38c030f90fa5c630818084fa135906
a215c07deba855d94751d7693c5867d2ffa8955137fddf4588004c29977d57d3
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a30a0ed9ed6037e109da9e6a8ddbdc3db176b93d79f9f83878839f5e6d880d70
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274
a3d5bccf0d7e3c9c4c4b141e120e9d5ee450d2425c6fc0c64f7e33218434a180
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a578c3a897cea87a09b2cabb1774599707be18402aa80dc77ad4f34823f4b9f0
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab17899d2db7d959abc52e87bcf0deae0689ac69d781adc04649acf8ff07b03a
ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae4ca0b368e2c4adac01d76740c47a188a5eb4eb18f80a60aa9f7dbdde773e32
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
affa20d6b1d7f21dbbe6619e9f5c0af11d05bb7035a1bf8417164784871f2e15
b060d2099b391baa423c783e619e98834409e3e59076a6e4d482dd100d3994f9
b11179f65197a49f7424d299afdfb3668002a3dc767576cb8ac0f6111822a0c6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa
b3bc14b41d1756b0e894eb1e5a221d3e49ca7ec836c15d9d947261ecf01d055e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5210f1d7206a786e8341469931625f6060842d886788cb43b55f42294be378a
b6d55aa7c6d3c78b7f39029d1cd0e4acd8463ef924b238cb978117f1712e879e
b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f
b7fad3fbd54709c393fe979997e730318ed38fa7a5917890490a68aea4a723e2
b8ffd84cc5cab5ab2d776a4d8bab7e94bd4635224d6dfdc5bca3a42182902587
ba0014fceddd797812cd866ba4d3a0d251e56a38cb73f24e11ae2ac24a7e3c5f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bee2fccfc52d75c4fd26c3c5d31cca611a5205fa28746a69866c59b7b35b3979
bfc906a8584d259a7b8d6556b8b58183ca0ed0ed4a5289a31aa1bac21782e25e
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c1d0af68c6ff7f7731e3f3388714d3dc3b815f8f9f56b8aa7724ac67b7d6b159
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c631164134a8904fd7d088c7bc08d983f7f26f68552c2c01c1af20e6e6e0c7
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c4a6d78d55951081d4fca1d9c4058b3db7ee701ab7c4409f43825e0dc3dda334
c74c7d98c1d657a80c2b51929b35e3c14c599317f71e97826e9f810cdb16ada7
c7e3580052b11fcefbab0412466ccdd7e81e3fd18bfb0814d078a6392deae99d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca746e5e6037fae3b1ffdab3a61e895d2b9020cf793043748b01cae12fdbace1
cbe5c66dc036814dde662f21f08b8c7927cb241eca401d936521a46a65153627
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd0a6143d48e4eb381f4b8b8a20fd9d0b56666ae4cf18f2f7bc6e957f57951a
d0b5924d49aa8c690b3d4d5f1937926b034946288d41b90521f39d71d2c9ea0e
d22818a503c6fb6623b58bf4ab2239cdcadc5f86891f47f11692ced0cf536ed7
d2686979b1036a0518e40be3006b757e4458f82c81db3aebd7b990055cdf6ed4
d3cf32c10278a33509ebb76a209c70e5305993247be26df474afc433d9b6af9c
d60e5e5cee573ca477e287973d2737f79f2229c24320f830db23df1dd368bbe7
d730dcd2122a4f733add44430011068b6a7d7f0f79ecb58e748fe8c715b5bbe3
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d8f169f581e9e8d07c8e5a0cec347ca2a1e05452725c9bbc3063808a0a720c55
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc3e4ff4f5fbe298e959301c4a693fff9084e21cb9ba55b08300e20a8b6d2a1d
dca088c714bf9fa08a31314afdb74a7ce559ca63af88ed50862d73fefc9de3cf
dd19c7fb2a00781feeae945fde5920ff32fd4e06c590c610bbd28c35d4ced09a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de890b4ed54da567575ba54f2d74173e57a94b423366d6d3aeca40aba3eda754
df07a5a9008d3c3efdc200644ff56418e145ca0c2d463b210cb5eb8a49b497f5
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1
e2a640a3b24e12fd43148482b1db1a340f05e881363a0aeb79cb2651652c2dcb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f4be8062c1772de7efc7a8bceae84f2ee407b0825bfdc1f0fb00edafd95aaa
e54e339a41265068661fd05fd9740c7fa1c2a7a2d4f5b9e2b268d55833b3f7fc
e56ff11bbed58f7f055642c8d24a92ffd81c7e47533bcb148a13e925feece2ba
e6f0df4d92328d2d1ae7e69b35122a3424fbaf1aebb970528f69e0ea8f8440c0
e8467cb161f6e8c280105909388507391e1e82fe7c7a7db1d1087b0e5f732451
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea430238f178b636c928a445f7d938195817041c902c78aa83681dfa0a10c429
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f044109c6ac8a29a9c7f2a177016a8880da430ae79fe6bbd08570acc15b05d19
f052a36329a20e7a80766ddb576dca170731ac41b869aec96919cc1a390cf3d8
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f1bf5349baadd4d8e5b4432451f30817ad31b945f2d6da82e8baf8c9276af3b1
f2b4014195b9bc3f9418dd81d06fe9ae66ef73df1b4649408af24433bd15da67
f426f240aa86bdac92c297b110c8da582616d25be9940ff0623cea67340797e1
f48a26731c5bedb73f2c65bc3537c096ee30acd40dc1dbc52ab9dc0c7300c28f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c45a56f88534dd3ff3733db465ec552722005b76e1c26f75ba67fe745e0adc
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741
f78f8df89252cfae14bfc370fb13ca6a6fd0fcb431f226cc6c5efdda28e8f76f
fa4351a3775574c5342ae19fd741450aa267a2a8c539e1e717dad3dd5ad71af5
fab16292a66e362f856092e0fb1fe26eeec7c620fbbfa383c7ebf7d77be81d8f
fb29dda4cdc54100b8e81a30683411bbc564ee1a8e12213395ad91f2775dfcf8
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48